News and Insights – November 2017

As 2017 nears its end, many Argentine businesses are finalizing next year’s IT budgets. But for many SMBs, cybersecurity often remains a vague or sidelined topic—either underfunded or misunderstood. This month, we take a deep dive into the strategies, figures, and justifications that can help your team secure the funding needed for modern protection.

Why Cybersecurity Must Be Budgeted Proactively

According to the 2017 Global State of Information Security Survey, over 60% of SMBs experienced some form of cyberattack in the last year. Argentina, while less frequently targeted than some regions, has seen a steady increase in ransomware, phishing, and insider threat cases. Yet many companies still allocate less than 5% of their IT budgets to security, a proportion that’s simply no longer viable.

Common Budgeting Mistakes

• Underestimating risk: Believing cybercriminals only target large enterprises
• Failing to allocate for training: Ignoring the human factor in breaches
• One-time spending: Viewing cybersecurity as a single project instead of a continuous process
• Ignoring compliance costs: Not accounting for emerging data protection regulations

What Should Be in Your Cybersecurity Budget?

• Firewall and network protection upgrades
• Security audits and risk assessments
• Cyber awareness training for staff
• Backup and recovery testing
• Endpoint detection and response tools
• Incident response planning and tabletop exercises
• External support and advisory services

How to Justify the Spend

When presenting a budget to decision-makers, focus on:

• Risk reduction metrics: Projected decrease in incident response time or data loss risk
• Cost avoidance: Avoiding fines, recovery costs, or downtime associated with breaches
• Compliance alignment: Readiness for laws like Argentina’s Data Protection Law (Ley 25.326)
• Reputation management: Preventing PR fallout from avoidable security failures

Planning for 2018: Our Recommendations

We recommend allocating 8–10% of your total IT budget to cybersecurity. Not all of this must be new technology—some of the most effective spending happens in training and assessment. Make your security roadmap part of your board-level planning. A layered defense, proactive audit cycle, and regular training updates will yield far more value than chasing one-off tools.

Need help getting started? We’ve built a Cybersecurity Budget Planner to help you structure and justify your next budget round. Here is your Cybersecurity Budget Planner.