It’s here! And by “it,” we mean budget season. Are your IT and Cybersecurity budgets ready for 2023? If you haven’t evaluated your historic IT spend, now’s the time to dive in. Technology is always evolving, and your budget should be too. We’re sharing what we’re hearing from clients, along with ADNET’s tips and tricks to help make sure your IT and cybersecurity budget planning for 2023 is aligned with your business goals.
What should I include in my IT and Cybersecurity budgets?
At the risk of sounding vague, that depends on your business and goals. Nevertheless, some things you’ll want to include:
- Hardware upgrades needed (new laptops, phones, devices, workstations)
- Licensing, software subscriptions and application fees
- Managed IT services
- Cloud services
- IT projects (upgrades, implementations, etc.)
- Energy costs (cloud vs. on-premise)
- Security and IT training for employees
- Annual Risk Assessments
- Managed Security Services
This list might look different depending on your organization’s existing IT infrastructure, and whether you plan to make any drastic changes in the coming year.
Is Cybersecurity part of an IT budget?
It can be, but ADNET encourages clients to separate the two. While some items may complement each other, cybersecurity and IT are both critical categories that deserve their own focus. Many smaller organizations aren’t breaking this out yet, but most larger ones are. Ideally, your cybersecurity budget and IT budget should be developed side by side to ensure that they align and you’re not duplicating work or costs, or choosing cybersecurity based on incorrect assumptions about what the future holds for your IT spend.
If you plan to pursue Cyber Insurance (spoiler alert: you should), make sure you budget for initiatives to reduce premiums. Many Cyber Insurance requirements now are making people jump through hoops to increase their overall security posture (which can require substantial investments) to meet the criteria for coverage. If you’re not planning for this, it could take away from other budget areas.
Given the increase in cyberattacks and evolving requirements for compliance, as well as those for Cyber Insurance, ADNET recommends increasing your cybersecurity budget in 2023. A security event is not only costly – it’s damaging to your organization’s reputation, client’s trust, and your business operations. An increase in preventative services and proactive tools is the best investment you can make in protecting your business.
Additionally, don’t forget about annual services, like Risk Assessments and Security Awareness Training for your team. To be effective, these should be done at least once a year – meaning they should always be in your cybersecurity budget. There should also be an allocation to address findings from Risk Assessments, Penetration Testing and any other security reviews that will have recommendations or suggested remediation.
Planning ahead
Budgeting can feel like guesswork. There’s no way to know exactly what the next twelve months will hold, but there are things you can do to prepare for the unknown – as well as taking stock of the challenges you’ll likely encounter. Here are a few tips for keeping costs in check while planning for the next year.
- Take inventory: Have someone review your hardware (laptops, servers if you’re on premise, switches, etc.) to see what may be aging out soon, particularly if it isn’t supported by the manufacturer anymore. If you have an IT partner, they can help with this. Once you have an inventory of the older equipment, prioritize what you’ll want to replace in the next few months and keep the rest on a backlog for the following year. While it’s not a guarantee that you won’t need to replace any newer hardware, it’s more likely that an aging machine will encounter issues. It’s also a great time to price out the costs of cloud vs on-premise. If the main reason for having an office is to have a closet to put your servers in, you might be spending far more than you need to.
- Review your licensing & subscriptions: Anything user based, whether it’s Office 365 or Managed IT services should be reviewed closely. Are you using all your licensing? Do you have duplicate tools that you could possibly eliminate when their term is up? Unused licensing and not trueing up users can be a missed opportunity for cost savings.
- Look at the data: Ask your team how IT support is working for them. Are there any frequent issues that could indicate a larger issue or something that just isn’t working? If you have Managed IT Services, your provider may be able to provide you with reporting on how you’re using the IT support you have. For instance, ADNET offers clients reporting options that show how many requests their team is submitting, how quickly they’re resolved and more – this can help you determine if you need to make any changes to your support plan.
- Manage risks. Focus on investing in ways to manage your risk. Whether that’s investing in strong partnerships that can help you, or technologies that can provide business continuity, it’s worth it to try and mitigate risks before they become issues.
- Look at the business goals for the next 3-5 years. Review the environment and ensure all IT initiatives help the business move forward in the right direction. Aligning your IT and Cybersecurity budgets to your goals creates a roadmap for success.
These basic budgeting tips can help you start planning ahead.
Tips for budgeting effectively in 2023
Plan for the unplanned. Is there a major decision on the horizon? Keeping the hybrid work model? Getting rid of the office? Now that everyone is working remotely, how are you keeping the workforce secure? If it doesn’t get planned, it doesn’t get done. It’s not a normal year and it hasn’t been normal since the pandemic. So, you need to anticipate things coming at you from left field. We’re hearing many organizations surprised by added costs, price increases and wait times from vendors and suppliers. Everything is more expensive – even higher energy costs can increase your overhead for staffing an office. If you’ve reduced your budget for reduced consumption over the past two years, you may come up short in 2023.
Some budget items to consider in 2023 include:
- Additional training for the staff, including soft skills, like communication and collaborating remotely.
- Increased prices on network equipment – there has been a market increase on these supply constrained items, raising prices across the board.
- Buying early to avoid shortages – there’s still an issue with some things being months or even a year on backorder due to the supply chain shortage.
Budget for digital transformation. Moving to the cloud and modernizing the workplace could play a key role in your organization’s business goals. If this is on the horizon for you, make sure you’re planning adequately for the project. Cost comparisons for cloud vs. on-premise can be helpful tools. That’s something we can help with.
If you haven’t put together your IT and cybersecurity budgets yet for 2023, reach out to us. We’re happy to provide guidance on what we’re seeing in your industry and make recommendations to help you meet your business goals.