Articles Featured

Gain Maximum Cybersecurity Protection from Minimal Budget Increases

July 16, 2024

Gain Maximum Cybersecurity Protection from Minimal Budget Increases

In 2018, at least a third of Atlanta government services were attacked, including police dashboard cams, utility payments and Wi-Fi at Hartsfield-Jackson International Airport, the busiest airport in the world. When all was said and done, that breach cost the city $9.5M to recover from. Experts say they got off easy.

In 2020, an attack shut down a public health services website in Champaign-Urbanna, Illinois, right as COVID hit. And, in 2023, the Los Angeles Unified School District had 500GB of student data stolen and, after they refused to pay the ransom, all the data was released on the dark web.

The fact is, hackers maintain a regular timeline of attacks on state and local governments. Between 2022 and 2023, the Center for Internet Security reports that malware attacks increased 148%, ransomware was up 51% and endpoint data breaches increased by 313% in the SLED sector. The same report indicated that the biggest weakness in this sector’s cybersecurity programs is that they are still being created.

Customer experience and risk management are two sides of the same coin.

In 2020, ransomware attacks on US Government organizations cost $18.9B. Yet, in 2024, Gartner reports that cybersecurity budgets are increasing 4% on average—a rate that struggles to keep pace with inflation. Leadership wants IT to focus on delivering better user experiences, while CIOs are prioritizing cybersecurity and risk management. In fact, Gartner indicates that customer experience and risk management are the top two outcomes desired through technology investments in the SLED sector.

State Local Government Inflation

A quick review of the attacks on state and local governments, as well as educational institutions, reveals that those two outcomes overlap significantly. If a hack causes user data to be stolen or limits access to services, those are significant user experience failures. It’s not just about how many clicks it takes to pay car registration fees. It’s also about ensuring the safety of the data required to make that transaction.

Protecting data, user experience and your reputation with an affordable, unified approach.

On average, a data breach on state and local governments ranges from $665K to $40.5M. The average yearly cost to implement and maintain Center for Internet Security (CIS) Benchmarks varies based on organization size, but is much lower than the average breach in most cases. CIS represents a nonprofit community of IT professionals who have created best practices based on NIST 800-53. Their Benchmarks are the recommended approach for SLED.

CIS recommends an IT budget that is 5% of overall revenue, with cybersecurity getting 20% of that money. But even if your budgets don’t even come close to that, the majority of organizations can still afford to mature their cybersecurity program and increase their cyber resilience. It’s all in the way you approach it. Here are the two primary ways to lower costs:

Implement a proven, standardized approach to system hardening. CIS Benchmarks are used widely in SLED and are the right-sized approach for your needs. Like a roadmap, they point you directly to known vulnerabilities and tell you what to do once you get there.
Employ automation. To implement this level of cybersecurity, you either need to find and hire a new team of expensive cybersecurity experts to do all the work by hand. Or you can automate CIS Benchmarks with a proven solution that saves time, money and effort.

Using CIS Benchmarks with its leading automation solution, even organizations with modest budgets can afford top-tier cybersecurity. Automation usually pays for itself with the first use by offsetting the cost of hiring new staff. And CIS Benchmarks account for a small part of the average cybersecurity budget. Just one thwarted incident delivers full ROI for your effort.

See how this high-ROI cybersecurity approach works in real life.

According to NASCIO, the median state IT budget is $132M. Implementing CIS Benchmarks with SteelCloud automation costs 1-2% of that budget. A breach, however, could easily cost 2x to 3x as much, not to mention the embarrassment and considerable costs to citizen confidence in your organization. Downtime from an attack, alone, is estimated at more than $160K per day.

If you haven’t had a significant hit on your data or operations yet, you’re lucky. The only way to prevent future attacks is to harden up and keep your systems continually up-to-date. Using CIS Benchmarks in combination with automation is among the most cost-effective approaches to protecting data, system availability and citizen confidence. To see how automation works with CIS Benchmarks, schedule a demo today.

Share This Resource:

budget / CIS Benchmarks / cybersecurity / Higher Ed / higher education / IT / malware / ransomware / SLED

eBook: Budgeting for CIS Benchmarks Implementation in Higher Education Prev post

Making The Business Case for CIS Benchmarks Automation in SLED Next post

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Gain Maximum Cybersecurity Protection from Minimal Budget Increases

Resource Library

Recent Resources

Featured Resources

Visual Guide to System Hardening and Automation

How to Harden Systems Easily and Affordably

VIDEO: How to Overcome Budget and Staff Cuts with Automation

What We Do

Company

Support