Cyber cost optimization

Working with CISOs to identify efficiencies, savings, cost re-distribution, and re-investment opportunities across the cyber security function.


Businesses are expecting Chief Information Security Officers (CISOs) to do more with less

After years of growth and spending to establish tailored cyber security capabilities for their specific risk and threat landscapes, economic turbulence is forcing many businesses to revisit cyber security program portfolios in search of opportunities to reduce operating costs. In the current environment, no ‘back office’ organization can expect to be shielded from budgetary scrutiny, including cyber security. While this is a fundamental shift, it is widespread and is placing significant pressure on many CISOs, who need to continuously invest in their capabilities to remain one step ahead of adversaries.

The KPMG Cyber cost optimization capability is an offering designed to analyze program capabilities, identify efficiencies, savings, cost re-distribution, and re-investment opportunities across the cyber security function.

Common challenges and corresponding cost optimization opportunities

There are various strategies to achieve cost efficiencies without compromising security posture or decelerating strategic roadmaps. By thinking creatively, CISOs can work proactively with the enterprise to share the burden of cost pressures.

Challenge / Cost optimization opportunity

Cash preservation
  • Pause discretionary spend
  • Pause “low-risk” review and testing activities
Increasing third-party security spend
  • Value-driven contract renegotiation
  • Organizational “rightsizing”
Underutilized or overlapping security tools, and an abundance of security projects
  • Security tool rationalization
  • Cost versus reward project rationalization
Inefficiencies in delivering cyber security services
  • Transitioning repeatable commodity tasks to low-cost providers
  • Repositioning FTEs to value-driven roles
Manual, disparate, and siloed security processes
  • Convergence and de-layering
  • Automation
  • Self-service enablement


Deep cyber domain experience

KPMG has experience in designing and building lean cyber programs, with a low and sustainable cost base. We understand the functional and strategic interdependencies which permeate the cyber organization. Our approach is tailored to your specific technological and business environment and we will build a strategy for reduced funding that seeks to minimize adverse impacts to your organization’s cyber posture.

Accelerators for rapid cyber cost optimization opportunity identification

Our rapid assessment is enabled by proprietary tools and accelerators, together with skilled cyber practitioners trained in executing against domain-specific diagnostic hypotheses. We provide prioritized recommendations tailored to the urgency of your cost takeout and portfolio optimization needs.

Engagement throughout the cyber cost optimization lifecycle

We have multidisciplinary teams to support you in executing cyber cost optimization levers. We also bring a suite of capabilities to embed sustainability in the change management process and can help you as you realize and measure your cost optimization impact.


Our people

Rik Parker

Principal, Cyber Security Services, KPMG LLP