When budgeting for cyber security consider what you must do for legal and regulatory compliance, and what you should do for good security. As good security is a business enabler, do that first. Then analyse any compliance gaps and fill them. You should budget accordingly. How you decide to deal with risk is important: will you accept, avoid, transfer or mitigate? Let’s say you calculate…