Cyber Security Investment: A Structured Approach
As organisations expand their digital footprints, there are increasing risks to their information assets and their ability
to operate and maintain services. These risks prompt expenditure on cyber security and introduce the challenge of
rationalising this spending with the organisation’s wider investment approach.
This guide provides practical advice on how organisations can structure their approach to cyber security investments and manage a delivery programme that is aligned to their strategic and financial governance. The guide is designed for both government and non-government organisations of varying sizes and capabilities.
This resource accompanies the NCSC’s advice on supply chain cyber security, incident management, and organisational cyber security governance.