But why?
Working from home (WFH) transitions, more help desk calls, an increase in tech support requests and a push for more digital transformation projects are creating new challenges. Meanwhile, cyberattacks and online risks are growing as public- and private-sector organizations are cutting budgets and staff hours across the country during the global pandemic.
So what can we learn from history?
A decade ago, times were also tough for state and local government technology budgets. Here’s what I wrote for this column in December, 2009:
“Are deeper budget cuts coming for struggling state and local governments? After a year filled with tough news regarding furlough days and more belt tightening, technology executives across the nation are pondering that question. Even as good news was announced yesterday regarding the unemployment rate falling to 10% in November, the holiday season remains focused on plans for 2010.”
Stateline.org recently wrote a piece that sounds eerily similar to what many governments are considering for their 2021 fiscal years. That article reported: After furloughs, states mull permanent cuts. Here’s an excerpt:
"Moving from furloughs of state employees to more permanent downsizing, states are girding for the deepest workforce cuts yet when they hammer out their fiscal 2011 budgets next year. In preparation, many are taking stock of every position in state government to determine what effect job cuts and the possible elimination of whole departments will have on revenues, expenses and the quality of government services."
Back to the Future: Where’s The Budget Trouble Today?
But before we discuss solutions with some helpful tips for our current situation, here are some recent headlines regarding the dire situation that states currently face:
Texas Tribune: Grappling with budget shortfalls, Texas cities prepare for hard choices - “The economic impact from the coronavirus pandemic has left some of Texas’ biggest cities facing a difficult choice: cutting services like libraries, pools and parks, or raising taxes on their residents in the middle of the worst economy in a generation.”
Seattle Times: Enrollment at regional colleges drops, leading to cuts - “So far, projections at the state’s two research universities, University of Washington and Washington State University, are holding up well.
It’s a different story, though, at Central Washington and Eastern Washington universities, which expect enrollment to fall by 10% or more. Both schools have already started outlining potential budget cuts; Eastern may lay off or reduce hours for as many as 400 employees. And because of the way the pandemic scrambled several application deadlines, some institutions, such as The Evergreen State College, still don’t know what to expect.”
Governing: How Hard Times of the Past Inform Today’s Government Challenges – “There are lessons to be learned from the way governments dealt with crises of the past, whether we are looking at threats to public health, social unrest or an economic catastrophe.
A hundred years ago, municipal governments faced daunting challenges, including political corruption, poor sanitation and inadequate infrastructure. The first city managers tackled the problems with a vengeance, making sure, for example, that water and sanitation systems reached all neighborhoods.”
Will There Be Security Cuts?
Maryland Reporter: Gov. Hogan’s $1.45B in cuts eliminate raises, cuts school security programs
Forbes: NASA Hit By 366% Rise In Cybersecurity Incidents After Budget Cuts - “What’s most alarming about AtlasVPN’s findings is not that NASA is one of the United States’ most important federal agencies. Rather, the increase follows a reduction in NASA’s cybersecurity budget across 2019, when the vast majority of major federal agencies saw their corresponding security budgets increase.”
Dark Reading: Local, State Governments Face Cybersecurity Crisis – “Ransomware hit small government organizations hard in 2019. Now they have to deal with budget cuts, pandemic precautions, social unrest, and the coming election cycle.
Already under attack by cybercriminals and ransomware operators, state and local government are facing heightened cybersecurity threats as they move into the second half of 2020, when they will be required to manage elections while dealing with hard economic choices, experts said this week.”
Dice.com: Cybersecurity Budgets: Will They Survive COVID-19? – “As the number of cybersecurity threats has increased over the last decade, CISOs and their teams have benefited from budget increases. This wellspring of security spending was meant to help organizations create more resilient infrastructures, repel outside attacks and reduce the risks presented by data breaches and leaks.
And now the COVID-19 pandemic may change all that.
As stay-at-home orders begin to lift and some workers begin to return to physical offices, organizations large and small are coming to grips with the aftermath of staying closed for months, with indicators signaling that many parts of the world could slip into an economic recession, or worse, a depression. As a result, overall IT spending is likely to take a hit, which may affect cybersecurity budgets, as well.”
Gartner: Gartner predicted that overall IT spending will decline 8% between 2019 and 2020, with areas such as enterprise software and IT services taking major hits, which could signal that organizations may also spend less on security software and services. One bright spot: With the increase in remote work, companies still plan to put more of their money into cloud services such as IaaS and SaaS as well as cloud-based collaboration tools.
A slightly more upbeat report from Gartner, released in June, found security spending would increase about 2.4% in 2020, but that’s lower than the original projection of 8.7%.
Security Brief (Europe) – In Europe, this report says, “Remote working trend bolsters cybersecurity investment - but downturn predicted.
This rise in engagement with cybersecurity brought total investment in the market to US $10.4 billion, which includes network security, endpoint security, web and email security, data security, and vulnerability and security analytics."
Here are the top five vendors for in terms of share of total cybersecurity investment:
- Cisco – 9.1% investment share
- Palo Alto Networks – 7.8% market share
- Fortinet – 5.9% market share
- Check Point – 5.4% market share
- Symantec – 4.7% market share
Helpful Tips For Budgets, Please!
So what can be done? Here are five tips to consider for a government near you:
1) Do your homework – Whatever your particular situation is, seek the advice and learn the lessons of those who have gone before you. There is no need to reinvent the wheel. In addition the articles above, here are some more helpful references:
- Michigan focused on awareness training in 2005 during a surge in cyberattacks at the same time as budget cuts.
- 2009 steps taken during budget cuts.
- 7 industry procedures for coping with budget from CIO Magazine in March 2020.
- What are other state leaders doing in 2020?
3) Consider the benefits of consolidation. Yes – there are always some silver linings to budget cuts, if you are able to recognize them in your current situation.
For example, after September 11, 2001, most of country slowly recovered from an economic downturn, but Michigan was in a recession for almost a decade. Budget cuts and furlough days were common, and staff reductions and early-retirements for staff happened on a regular basis.
But during these times, Michigan also further consolidated most technology functions into enterprise-wide groups with authority over areas such as help desk, security, application development and more. One of the benefits of budget cuts and staffing reductions meant that business areas happily surrendered the tech authority (and their staff) into these centralized groups – mainly because business executives saw that they couldn’t properly administer these functions given the cuts.
This enabled the newly former groups to perform their roles in excellent ways without turf battles and common backstabbing that can happened when reorgs get implemented during “good times.” Bottom line, the difficult budgets enabled everyone to pull together for the needed culture change and stopped the age-old adage “we’ve always done it this way. …”
4) Look for alternative funding sources and/or help on operational support. If your government does not have the funding required, look for state, federal or other grants. Consider public / partnerships and private sector help, where needed. Also, consider contacting and leaning harder on your industry Information Sharing & Analysis Centers (ISACs), like the MS-ISAC or other non-profit groups like NASCIO to help guide priorities.
5) Follow the money – what projects are getting funded? You likely need to change your tactics and strategies to support the current projects that businesses are funding. As I have said before, if you don’t have a boat, “Get on the boast that are leaving the dock.”
Final Thoughts – Should Cuts Be Postponed?
Beyond stimulus money already given to local governments, many are asking if the federal government will come to the rescue with additional stimulus dollars.
Take a look at this video, which calls for postponing cuts in Maryland:
One report by Moody's Analytics says that billions more will be needed to avert substantial layoffs: “… Perhaps $120 billion being sufficient to get states through the 2021 fiscal year. …”
One thing is clear, we can’t keep doing the same things are get a different result, so security and technology leaders need to be acting now.
