Cover Image for 4 Keys to Cyber Investment: Speaking Your Board’s Language

4 Keys to Cyber Investment: Speaking Your Board’s Language

08.08.23 | By Ascent Solutions

Technologists know the most compelling reason to buy is efficiency. Technology has the power to make the user’s life easier. More work, less money. Sounds like a solid deal on the surface.

The reality is a bit more complicated. Instead of office productivity tools, imagine you’re a cybersecurity leader. If you’re on a call with your board or executive team, which conversation would you rather have? “If you budget 1 million for this service, we can avoid a breach,” or “If we budget 1 million for this service, it will increase our productivity output by 20%”?

Does your board care about the how or the why?

We’d all go for the latter option, right? But often cybersecurity leaders communicate brainy applications instead of outcomes. “This is the coolest tool to do this specific thing” often isn’t as effective as dollars and cents. Instead of telling executives how you solve the problem, show them the why. What’s the best way to communicate the why? We’d argue it’s the technology’s total cost of ownership.

What is total cost of ownership?

It’s the cost it takes to buy, maintain, and leverage the technology stack your business uses for daily operations. That includes the practitioners needed to run the tool, licensing fees, maintenance, and change management to adopt.

How does cybersecurity support business growth?

Typically, security gets its own budget category outside of IT and business technology, but we’d argue it’s a crucial component to business growth. If a business doesn’t develop its operations with security in mind, implementing it later when the business is “big enough” necessitates breaking existing technology and building it back up with security controls.

1: It reduces business interruption.

It’s like building an office for a startup but not including an AC because the founders didn’t have the initial budget dollars. Once the startup breaks profitability, leaders decide AC is crucial for employee success in office, but the construction causes significant business disruption. Because the business waited to add HVAC, there’s multiple costs beyond just hiring a contractor for construction. Believe it or not, cybersecurity is just as integral or more so to business success.

2: It increases employee success.

Aside from the operational elements of security, most executives also respond well to technology as a tool for employee success. Does it make your employees’ hate their jobs less? Say the quiet part out loud to executives. That’s an intangible (but no less important) support to the total cost of ownership for a technology solution.

3: It minimizes shadow IT.

It’s important to account for the needs of your organization beyond a policy document. If there are exceptions your employees may need to make, create a process around it. Exceptions (and the shadow IT needed to get around exceptions) are expensive and insecure. If you identify appropriate exceptions, proactively manage those.

4: It’s cost effective.

At the end of the day, which technology has the least total cost of ownership? Often, it’s a unified platform with multiple applications. We recommend Microsoft. Once your employees know the platform, it’s often easier to interface across programs when the technology follows similar rules. I can tag a coworker in a Teams channel chat and tag a coworker in Viva Goals. Outlook connects my documents to OneDrive for easy access and searchability. And so on.

Future-proof your business.

Especially for small to medium-size businesses, future-proof your processes as much as possible. If you’re not growing in size but you would like to grow in revenue, the same is true. Often, adding capabilities in a smaller organization means HR, finance, and recruiting are growing even if other elements of the business appear to stay steady.

We want your cybersecurity to be an enabler of business success. Ascent consultants assess your environment, security roadmap, and the total cost of ownership for your current technology stack + future security goals. If you’re interested in a total cost of ownership assessment, reach out to

Share this Post
Whether you’re starting your cybersecurity journey or you’re improving your security posture, our team is passionate about protecting your people and business.
Why Purdue Model Level 0 Is the Most Important to Secure

February 6, 2024 – If you had to divide a business into operating layers and prioritize by importance, how would you do it? Cybersecurity strategy must rank which risk is most likely to topple a business’ continuity.

Enabling Microsoft Security Copilot

December 19, 2023 – Security Copilot is Microsoft’s generative AI complement to its unified security platform. Here’s how to plan a security-aware implementation.

How to Respond to the United States AI Executive Order

December 12, 2023 – How should businesses respond to the United States’ AI Executive Order?