Federal executives continue to grapple with how best to allocate funds in addressing prevalent and emerging cyber threats. Federal agencies can empower executives in the fight against cyber crime by taking three calculated actions:
1. Size – Measure overall risk exposure across the organization's value chain
2. Monetize – Adopt a defensible framework for quantifying the benefits of cybersecurity investments
3. Operationalize – Incorporate cybersecurity activities into the annual capital planning and budgeting process
Taking these steps will help federal organizations make more calculated cyber investment decisions and channel available funds to address the highest priority security needs.