January 18, 2023

Table of Contents

Last Updated on January 15, 2024

In a slow economy it’s tempting to cut corners whenever you think you can. But when it comes to cybersecurity, be careful how deeply you cut.


To outline the strategic importance of maintaining a solid security posture in a difficult business climate, John Verry, Pivot Point Security CISO and Managing Partner, recently recorded a special briefing episode of The Virtual CISO Podcast.

Preserving value
The purpose of most security investments is to mitigate risk and preserve business value. If you fail to make those investments, you risk losing orders of magnitude more value than you can ever hope to save by scrimping.

“If you think about the average cost of an SMB data breach being about $110,000, in a time of economic downturn having some unfortunate situation of that nature and the associated loss of customers would put you in an even worse position,” advises John. “My suggestion is to continue to make the investments that need to be made in security. Make them judiciously, of course, but make sure you do that.”

Creating value
John notes that SMBs with strong process maturity may even make additional security investments during an economic slump, to boost competitiveness and brand image.


“Continuing to make the investments that you’re making is continuing to mitigate risk,” John points out. “I think of that as value preservation. Making additional investments adds a value creation component—good security and compliance as a business enabler. It’s something that facilitates selling.”

In a slow economy, fewer competitors will be investing in security, giving better positioned orgs a chance to competitively differentiate themselves by moving forward when others are treading water or backsliding.

Another justification for investing in security in a hard times is that you need to win a higher percentage of the available business.

“There will be business there. It might be 10% less; it might be 20% or 30% less,” John relates. “So, you need to win a higher percentage to maintain your organization in good health.”

Winning on the rebound
Another benefit of continuing to make security investments is that when things turn around, your business will be better positioned than competitors to innovate, tap new markets, and drive growth. Those who failed to maintain their security postures will be playing catchup.

“During a downturn, weaker competitors get weaker and they disappear from the market,” John states. “If you’ve made the right investments, when we come out the back end of this downturn (assuming there is one) you’re going to be a lot better positioned from a competitive standpoint.”

What’s next?

To catch the full briefing episode on “security in a down economy” with podcast host John Verry, click here.


Ready to get started with your cybersecurity strategy? Here’s a helpful blog post: Got an Information Security Strategy? Here’s How to Get Started.

PPS Brief

Pivot Point Security PPS in Brief
Download our PPS in Brief