The IT Security Business Case: Sustainable Funding to Manage the Risks

This brief takes a holistic approach to constructing the case for enterprise IT security investment by outlining for the state CIOs the following steps: 

  • Understanding state government’s IT environment that drives the need for security 
  • Starting with an enterprise-wide IT risk assessment 
  • Making the case for IT security through demonstrating the risks (bolstered by the IT risk assessment results), the benefits of security, and how security aligns with the state’s business needs.