--- title: "Cisos and cybersecurity in an economic downturn: do more with less" page_name: "CISOs and cybersecurity in an economic downturn: do more with less" type: "blog" slug: "cisos-and-cybersecurity-in-an-economic-downturn-do-more-with-less" published_at: "2023-06-20" modified_at: "2025-11-19" url: "https://www.sumologic.com/blog/cisos-and-cybersecurity-in-an-economic-downturn-do-more-with-less" canonical: "https://www.sumologic.com/blog/cisos-and-cybersecurity-in-an-economic-downturn-do-more-with-less" markdown_url: "https://www.sumologic.com/blog/cisos-and-cybersecurity-in-an-economic-downturn-do-more-with-less.md" lang: "en" excerpt: "Sumo Logic provides best-in-class cloud monitoring, log management, Cloud SIEM tools, and real-time insights for web and SaaS based apps." taxonomy_blog_category: - "Cloud SIEM" - "SecOps & Security" --- [ All blogs ](https://www.sumologic.com/blog "blog")[Cloud SIEM](https://www.sumologic.com/blog/cloud-siem), [SecOps & Security](https://www.sumologic.com/blog/secops-security) # CISOs and cybersecurity in an economic downturn: do more with less [Dana Torgersen](#blog-author-block-115) June 20, 2023 4 min read [Cloud SIEM](https://www.sumologic.com/blog/cloud-siem), [SecOps & Security](https://www.sumologic.com/blog/secops-security) ##### Table of contents The financial outlook for the rest of 2023 and 2024 is far from cheery, and economic uncertainty is affecting everyone and everything, including the cybersecurity sector. Security budget cuts or freezes are the course many organizations are tempted to take in this financially precarious situation. Conservative spending is a natural response to the present economic downturn and a possible recession knocking on our doors, implying fewer clients, lower profits, and higher costs. Should organizations like yours reduce or freeze cybersecurity spending? What can a [chief information security officer](https://www.techtarget.com/searchsecurity/definition/CISO-chief-information-security-officer) ([CISO)](https://www.techtarget.com/searchsecurity/definition/CISO-chief-information-security-officer) do to meet stakeholders’ expectations while keeping sight of your security team’s interests and protecting the organization? ## How can cybersecurity budget cuts and freezes affect your organization? There are good reasons to believe that security budget cuts, especially if they include layoffs, are not the most prudent way to fend off economic headwinds. ### A strong correlation between an economic crisis and a substantial increase in cybercrime As George Gerchow, Sumo Logic’s Chief Security Officer, noted during a recent [HackerOne event](https://www.techrepublic.com/article/hackerone-cybersecurity-teams-economic-impact/#security), “Whenever there are times of high anxiety, such as an economic downturn coming off of a pandemic, bad actors are at their best.” The FBI’s annual [Internet Crime Reports](https://www.ic3.gov/) confirm this. The reports from 2008 and 2009 — remember, this is the period of “[the worst economic disaster since the Stock Market Crash of 1929](https://www.investopedia.com/terms/f/financial-crisis.asp)” — show drastic increases in the complaints received compared to the years before and after the global financial crisis. The number of complaints in 2007 was [206,884](https://www.ic3.gov/Media/PDF/AnnualReport/2007_IC3Report.pdf). In 2008, it grew to [275,284](https://www.ic3.gov/Media/PDF/AnnualReport/2008_IC3Report.pdf) — a staggering **33.1% increase** compared to the previous year. In 2009, the FBI’s Internet Crime Complaint Center recorded [336,655](https://www.ic3.gov/Media/PDF/AnnualReport/2009_IC3Report.pdf) complaints — **22.3% more** than in 2008. For comparison and to better understand how fertile ground a prolonged economic downturn can be for cyber attacks, the number of complaint submissions in 2010 (right after the end of the crisis) not just didn’t increase but dropped to [303,809](https://www.ic3.gov/Media/PDF/AnnualReport/2010_IC3Report.pdf). The economic disruption during the height of the COVID pandemic tells a similar story, with a record-breaking [increase of 69% in internet crime complaints in 2020](https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf). From this perspective, reduced or flat security budget, spending, and headcount can only worsen things, leaving your organization open to more vulnerabilities, threats, and attacks. ### Cyber attacks are cheaper to prevent than to repair According to the [Cost of a Data Breach Report 2022](https://www.ibm.com/downloads/cas/3R8N1DZJ): - **$4.35 million** is the global average cost of a data breach, the highest national being **$9.44 million** in the United States - **83%** of the studied organizations have experienced multiple data breaches - **60%** of the breaches resulted in increased prices for customers - **$4.54 million** is the average cost of a ransomware attack (without including the amount organizations have paid as a ransom) - **277 days** on average — this is how long it takes to detect and contain a breach Considering the numbers above, reported cases of [small and midsize businesses going bankrupt](https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/new-survey-reveals-2-trillion-dollar-market-opportunity-for-cybersecurity-technology-and-service-providers) due to a cyberattack, hard-to-measure variables such as reputational damage, and potential spillover of attacks’ effects from one organization and sector to another, it is puzzling how a reduced or flat security budget can help you build or maintain a strong security posture. A cybersecurity budget cut or freeze is hardly the solution for organizations amid the current economic disruption. If anything, it can be part of the problem. Unfortunately, a recent HackerOne study reported that more than a few companies have already made or planned to carry out [security budget cuts and layoffs](https://www.hackerone.com/press-release/economy-slows-headcount-and-resource-cuts-harm-security-teams-ability-combat-threats). So, if push comes to shove, what should you do to ensure your organization is secure as best as possible and minimize the fallout from reduced security spending? Forrester has some constructive suggestions. ## Forrester: CISOs in a corrective period In its [CISOs, Time To Pay Down Your Security Debt](https://www.sumologic.com/brief/forrester-report-cisos-time-to-pay-down-your-security-debt/) report, Forrester notes that after a decade of security spending and budget growth, CISOs have entered an economically less favorable period, which it calls a corrective period. As the term suggests, this is when CISOs can correct the (probably inadvertent) mistakes of the past, make a creative turn, and adjust their cybersecurity infrastructure for the future. To pull off this extraordinary feat, CISOs must: - Reevaluate their security strategy created for different times — before the advent and popularization of artificial intelligence (AI). - Eschew “good enough” security solutions and focus on technologies steadily shaping the future, such as cloud computing, APIs, and [security orchestration and automation](https://www.sumologic.com/guides/soar/). - Concentrate on staffing challenges like security professionals nurturing or gaining skills in state-of-the-art technologies (e.g., AIOps and serverless security). This is sound expert advice, but it is somewhat general. What precise moves can you make to apply these guidelines in practice to avoid a checkmate and stay in the game? Following the Forrester recommendations — some closely, others loosely — we can say that security leaders should do the following: - [Consolidate tools](https://www.sumologic.com/solutions/tool-consolidation/) - Automate repetitive and streamline burdensome and complex tasks - Reconsider costly point solutions (e.g., expensive log management platforms with inflexible pricing) - Measure progress using concrete values such as [security KPIs](https://www.sumologic.com/blog/how-smart-are-your-security-program-kpis/) - Invest in proficiency in future-proof cybersecurity skills ## How to do more with less ### Consolidate your security tools [Tool consolidation](https://www.sumologic.com/blog/it-tool-consolidation-best-practices/) means simply decreasing the number of IT tools. There are multiple reasons why you would want fewer solutions in your security stack, the principal three being the following: 1. Tool consolidation increases **simplicity**, potentially turning even the most complex tool stacks into comfortably operable systems. 2. Tool consolidation allows you to **dispose of redundancy**, meaning overlapping and unnecessary security capabilities. 3. Tool consolidation can significantly **lower costs**, enabling you to optimize your security stack despite any budget cuts. ### Automate everything you can Automation is widely regarded as one of the best ways to [address ](https://hbr.org/2023/05/where-to-focus-your-companys-limited-cybersecurity-budget)cybersecurity’s challenges. And with the obstacles the current economic insecurity creates for CISOs on top of their everyday challenges, its benefits become even more apparent. [Security automation](https://www.sumologic.com/blog/no-code-vs-low-code-and-near-no-code-security-automation/) brings numerous benefits: - It allows you to [investigate threats](https://www.sumologic.com/solutions/cloud-siem/#automation) and [respond to incidents](https://www.sumologic.com/solutions/cloud-soar/) much **faster with fewer resources**. - It makes it possible to **do away with costly** — in terms of time, energy, and money — duplicative and burdensome manual and, generally, inefficient procedures and tasks. - It enables you to **alleviate** the consequences of **cybersecurity staff and skill shortages**. ### Consider highly integrated platforms with flexible pricing The main advantage of an integrated platform — a unified cybersecurity system where multiple security solutions, such as [security analytics](https://www.sumologic.com/solutions/cloud-security-analytics/), SIEM, and SOAR, converge into one — is that they usually offer diverse functionalities at a fraction of the cost of point solutions. If, on top of this, the platform includes flexible pricing, CISOs can save noticeably without significant trade-offs that heighten the risk of compromising their organizations’ security. ## Conclusion The current global economic conditions are hardly conducive to cybersecurity growth and prosperity. Nonetheless, CISOs can make the best out of the situation by grabbing the opportunity to pay down their security debt accumulated over the years, as Forrester vividly describes this phenomenon. Read the full [Forrester report](https://www.sumologic.com/brief/forrester-report-cisos-time-to-pay-down-your-security-debt/) and learn how Sumo Logic can help you consolidate tools and automate security operations while embracing a flexible pricing system. ### Article Tags - [Cloud SIEM](https://www.sumologic.com/blog/cloud-siem) - [SecOps & Security](https://www.sumologic.com/blog/secops-security) Dana Torgersen Senior Director, Security Product Marketing, Sumo Logic Dana leads product marketing for Sumo Logic security solutions. He is a 17-year veteran in the information security industry with expertise in cloud threat detection and SIEM tools, endpoint detection and response, and network security technologies—including firewalls, web protection, and email security. Before joining Sumo Logic, Dana held product and technical marketing roles at JASK, Malwarebytes, Illumio, Palo Alto Networks, Intel Security, McAfee, and Secure Computing. You can follow him on Twitter @DaToTweet [](https://www.sumologic.com/feed "RSS Feed")[](https://twitter.com/intent/tweet?text=CISOs%20and%20cybersecurity%20in%20an%20economic%20downturn%3A%20do%20more%20with%20less&url=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fcisos-and-cybersecurity-in-an-economic-downturn-do-more-with-less "X")[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fcisos-and-cybersecurity-in-an-economic-downturn-do-more-with-less "Facebook")[](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fwww.sumologic.com%2Fblog%2Fcisos-and-cybersecurity-in-an-economic-downturn-do-more-with-less "Linkedin") [Previous blog The impact of being surrounded by passionate colleagues](https://www.sumologic.com/blog/employee-spotlight-beth-glowacki)[Next blog Responding to remote service appliance vulnerabilities with Sumo Logic](https://www.sumologic.com/blog/appliance-vulnerabilities-sumo) People who read this also enjoyed [ Before you replace your SIEM: AI-driven security requires operational context, not just centralized data May 21, 2026 ](https://www.sumologic.com/blog/before-you-replace-your-siem)[ Closing the AI compliance and visibility gap: Integrate the Claude Compliance API with Sumo Logic May 21, 2026 ](https://www.sumologic.com/blog/sumo-logic-claude-compliance-api-integration)[ How to secure cloud workloads without building a full-scale SOC April 30, 2026 ](https://www.sumologic.com/blog/secure-cloud-workloads-with-limited-resources)[ Observability is security (We just pretended it wasn’t) April 28, 2026 ](https://www.sumologic.com/blog/observability-is-security) [AI Instructions](https://www.sumologic.com/ai-instructions.md)