Solving GMIS’ biggest concern: How to actually fund cybersecurity

SHI is proud to have been a platinum sponsor for GMIS 2022, during which public sector agencies from over a dozen states convened to share best practices, case studies, and success stories across the IT landscape. We are thankful for the opportunity to meet with local officials as well as connect with many of our public sector customers; our representatives had a terrific time at the event, and we hope those in attendance did as well!

From left to right: John Minnella, PubSec District Sales Manager. Crystal Ledesma, Marketing and Events Sales Program Specialist. Shannon Smith, Marketing and Events Sales Program Specialist. Michael Esolda, Senior Director of Government and Education Affairs. Jeff Strane, Director of Government Strategy.

Throughout our conversations at GMIS 2022, attendees raised the same concern again and again: the needs for cybersecurity and cyber insurance are as prevalent as ever, but the answer to funding these initiatives remains a mystery.

We understand the sentiment – funding cybersecurity and cyber insurance can be rigorous processes for public sector agencies. Many organizations wait until it’s too late to prioritize security because, if a breach hasn’t happened yet, they must be doing something right! Right?

Cybersecurity’s struggles can be best summarized by the Futurama quote, “When you do things right, people won’t be sure you’ve done anything at all.” Effective cybersecurity solutions keep organizations safe from threat actors and malicious activity. But when the evidence of success is that nothing has happened, it can be easy for the cause of that success to seem less and less like a necessity.

So, how can you secure the funding you need for cybersecurity and cyber insurance?

Start by ensuring IT’s place at the table

It’s not uncommon for decisions on critical IT funding to occur without the agency’s biggest IT stakeholders. During GMIS 2022, IT leaders from across the country hosted a roundtable discussion about earning IT’s place at the decision-making table. To so do so, you need to help administrators and elected officials understand the intricacies of IT – and why funding initiatives like cybersecurity and cyber insurance is so important.

Leadership unacquainted with IT might reduce your organization’s technology initiatives in their mind to simply being does my computer work and is our Wi-Fi fast?  Presenting important technology solutions like zero trust, experience level agreements (XLAs), and extended detection and response (XDR) as approachable concepts helps justify your funding need and win support from non-IT stakeholders.

Build optimized solutions that work and cut costs

When you have the ear of your organization’s stakeholders, the solutions you present can’t come from a “universal” checklist of cybersecurity solutions. Your ideal security stack must be tailor-made to both tackle your organization’s needs and achieve your goals. It must be optimized to solve your cybersecurity painpoints while reducing cost over time.

CISO-as-a-Service, for example, was a common point of discussion at GMIS 2022. When working with the right partner, it can often be more cost effective to service out cybersecurity expertise than to hire and pay the salary of an in-house CISO.

Other security solutions and methodologies, like multifactor authentication (MFA) and zero trust, optimize the processes by which users access networks, devices, data, and applications. These streamlined processes increase user productivity while enhancing security, thus not only reducing the solutions’ total cost of ownership, but also potentially avoiding hikes to your cyber insurance premiums.

Explore all available grants and contracts

A great way to both secure the funding you need and earn brownie points with your organization is to lessen the burden on your budget with state/national contracts and grant funding. At GMIS 2022, many attendees didn’t realize the sheer breadth of contracts available to their organization, nor did they know resources such as the Grants Office exist to help agencies identify and apply for grant funding.

State and national contracts enable you to avoid the lengthy RFP process by locking the price of hardware, software, and services into fair, competitive, and pre-negotiated rates. Many contracts such as OMNIA Partners, Public Sector, NASPO ValuePoint, and Sourcewell can be applied to almost any IT purchase – including those related to cybersecurity. If you need guidance on identifying contracts available in your state, SHI’s dedicated Contracts team can pinpoint the best-fitting procurement vehicles for your needs.

To offset the cost even further, identify state and federal grants available for your cybersecurity initiatives. With over $600B in funding opened each year, grants enable you to procure and deploy IT solutions that otherwise may be out of reach for your organization. SHI partners with the Grants Office to consult on grant selection and guide you through the application process.

You don’t have to go it alone

Between the handshakes, fun, and friendly conversations, GMIS 2022 was a reminder that many public sector organizations struggle to meet the demands of the modern cybersecurity landscape. But by taking a deliberate approach to forecasting your needs, your IT teams can:

• Win the support of key funding stakeholders
• Lower your security initiatives’ total cost of ownership
• Relieve your budget with grant funding and state/national contracts

While funding cybersecurity can be overwhelming, working with an experienced, trusted partner like SHI can make the process of building, presenting, and procuring your mission-critical projects much easier.

If you’d like to learn more about how SHI can help you achieve your cybersecurity goals, contact our cybersecurity experts today.