The $100 cybersecurity budget – how cyber pros would spend it


We’ve all heard that for maximum cybersecurity, we need them all: firewalls, VPNs, antiviruses, multiple encrypted backups with retina scanners, guard dogs, and electric fences. But what if you only had a measly $100 budget for cybersecurity? Here’s what the cyber pros would do with it.

Cybernews asked cybersecurity professionals how they would allocate a limited budget for the greatest impact on home security.

Many noted that $100 would not go very far. However, even a little attention to cybersecurity can make your home network and family safer. And there’s a lot you can do for free, such as enabling Multi-Factor Authentication (MFA).

Here, the similarities end – each piece of advice from four experts has a unique twist on cybersecurity, with various factors to consider.

Mack Taff puts priority on solid backup software – ransomware operators hate it

Firstly, you should focus on backup – it’s the ultimate protection from losing your precious data, Mack Taff, a Security Engineer at Visual Edge IT, a managed IT services, network security, and cloud computing solutions company, believes.

“A hundred dollars might not go far, but as far as priority for spending that, I would say start with a solid backup software. Ransomware operators hate that one trick. If there's more left over, a password manager software for all those cloud accounts (be sure to put MFA – multi-factor authentication – on all those, too!),” he said.

Sometimes, people forget about backups when using cloud-based file storage for data. However, to Taff, the cloud by itself is not a backup.

Next on the priorities list, he would focus on the firewall and endpoint (a fancy word for computer, phone, or any other device) security software, such as antivirus or anti-malware.

“Depending on career or location, it might be more important to have something like a secure VPN prioritized above a password manager, but I would almost always be recommending backup as number one. Be sure to encrypt them!” Taff said.

A more reasonable budget for an individual, according to him, would be closer to a few hundred annually, and that’s after the initial investment into a good firewall with some type of intrusion detection and prevention capabilities.

“That would leave room for a private VPN if required, DNS filtering software, cloud-based backups, a good password manager, and some decent endpoint protection software,” Taff said. “Backups are obvious and essential.”

For parents, he would recommend using DNS filtering solutions, which are easily implemented on a home or home office network and can prevent many malicious sites and downloads. Especially when kids often download software or games.

Shawn Waldman is focusing on endpoint protection

The choices of a cyber pro would be very different from those who are less tech-savvy, as revealed by Shawn Waldman, the CEO and Founder of Secure Cyber Defense, who has over 20 years of experience in cybersecurity and information systems.

“One of the first things I would purchase is the best endpoint protection that I can get.”

On a budget, he suggested prioritizing a comprehensive security solution that includes endpoint protection, as well as additional features like a password manager and a virtual private network (VPN) for enhanced security and privacy. Personally, Waldman said he would opt for the Premium Security Suite from Trend Micro, but individual needs and preferences may differ.

“The key to maximizing this investment lies in understanding how to effectively utilize these tools to ensure they're properly set up and functioning at their best. Purchasing top-notch products is only half the battle – the real value comes from being able to deploy and use them effectively, avoiding the pitfall of wasting money on unused capabilities.”

IT professionals appreciate the significance of not just purchasing but deeply understanding the tools they get. It’s very important to make sure the tools are set up properly and are always working.

“For consumers, prioritizing endpoint protection is crucial, yet the significance of a robust home firewall often goes unnoticed. This oversight becomes even more critical considering the surge in remote work, transforming many residences into official home offices,” Waldman said.

Working from home introduces a complex set of cyber challenges. Comprehensive protection is needed to cover the entire home network.

“Avoid wasting money on apps or services promising to speed up your system – such investments are seldom fruitful. Instead, allocate your resources towards high-quality cybersecurity tools, ensuring they are properly configured. This approach not only enhances your device’s security but often results in smoother, more efficient operation,” Waldman said.

He, too, noted that a $100 budget in the cybersecurity realm may not stretch far, but prioritizing endpoint security is a wise move to make early on.

“For personal protection, an annual budget of around $200 should suffice. This would cover a Microsoft 365 personal subscription along with a top-notch endpoint security solution. When it comes to safeguarding your home network, however, the conversation shifts,” Waldman noted.

For older people or less tech-savvy individuals, choosing the technology and making it work properly might be difficult or frustrating.

“Having a family member set it up and monitor it for them might be a good move.”

Kurt Sanger: start from free protocols, then – it depends

When it comes to security on a budget, the most important thing is to implement all of the free protocols first and practice good cyber hygiene, according to Kurt Sanger, Cybersecurity Expert at Batten Safe, a former Deputy General Counsel with US Cyber Command.

“Assuming you already have a router, there are some free things you can do to implement the first line of defense. First and foremost, change the default password to your home domain. Many people stick with the one provider by their service provider – not the right move,” Sanger said.

The list of free advice is extensive. Create a guest Wi-Fi account, especially if you frequently host guests or have an Airbnb. Start using complex passwords and be cognizant of the sites where you share personal information. Check this list for more.

“From there, it truly depends on your circumstances. If you have a family full of kids, it probably makes sense to spend the bulk of the $100 budget on a parental control solution like Aura. On the other hand, if you don't have kids, the all-in-one cyber solution would be the best bet, as you are covering yourself with all the core cyber tools under one platform at a good price,” Sanger said.

The router is the central hub of your home network, and it’s unlikely to find one under $100 delivering significant security value for the price.

“If you can afford the $300 router with strong encryption and a built-in VPN, I would make the purchase,” Sanger said.

The next most cost-efficient course of action would be implementing the free tips and spending $9 a month on an all-in-one security solution, combining VPN, Antivirus, and Password Manager, or buying them separately. VPNs add an extra layer of security to existing cyber hygiene.

“The baseline expectation for a well-rounded level of protection would start at $20 a month for families (need an all-in-one solution that encompasses a parental controls solution) and $12 for couples or individuals to get a baseline all-in-one solution to cover primary threat points,” Sanger pointed out.

Families with children need to apply an extra level of care as they start using the internet.

The threats are twofold: first, the internet poses a risk to the health and well-being of young people, and the second threat layer is the risk of children exposing personal family information online that can comprise identity. Sanger recommends that parents implement parental control software and set parameters for the type of content children are exposed to.

“Stick to the basics – protect the privacy of your connection, protect your passwords, and build from there,” Sanger concluded. “From our perspective, it all starts with good fundamental security and safe online practices – that is free!”

Shawn Loveland recommends buying an external hard drive

Shawn Loveland, Chief Operating Officer at Resecurity, has some original advice:

“To maximize cybersecurity on a budget of $100, it’s advisable to invest in an external hard drive to back up your device and cloud storage regularly. When the device isn’t actively being used for backup, unplug it from the device and keep it in a secure and fireproof location.”

However, there are several other actions a parent must take, and that won’t cost a penny. Loveland listed many worth repeating:

  • Family Online Safety Institute provides free online educational resources to enhance understanding of cybersecurity best practices.
  • Leverage reputable free antivirus software with a password manager, such as Windows Defender, which offers adequate protection against common threats.
  • Many ISPs offer a free firewall as part of their router. Ensure the firewall is correctly configured. Note this could be difficult since many ISPs’ default firewall configuration is insecure and requires the end user to configure it correctly.
  • Users must not jailbreak their devices and only install applications from known and reputable app stores and companies. Do not install high-risk applications such as pirated software or a Torrent client on your devices.
  • Ensure all software and hardware are up to date and have all their security patches installed. Uninstall unused and unsupported applications from all their devices.
  • Use unique and complex passwords for every account. When possible, enable non-SMS/Voice MFA on all online accounts. Google and Microsoft Authenticator apps are two examples of free MFA applications.
  • Only allow children to use PCs, phones, tablets, etc., from public places in the home. Do not allow children to use this technology in bedrooms, bathrooms, or other private spaces.
  • Ensure children understand why these precautions are in place. They are there to protect the child and not control them. That way, the child does not simply try to circumvent the safe environment the parents have set up by just going to the library or their friend’s house.
Shawn Loveland
Shawn Loveland

“Many operating systems offer family protection to prevent children from accessing inappropriate content. Configure family protection as the software recommends. Don’t configure a child’s account as an administrator and prevent them from installing applications outside of an authorized app store,” Loveland said.

Parents should also teach their children about online threats and people with ill intent, about privacy, and how actions taken by children can be illegal, such as piracy or sharing intimate pictures.

“It also will cause many conversations between parents and children, as children will want to do what their friends do in an unsafe environment,” Loveland noted.

If the budget allows, it’s recommended that parents provide their children with a separate computer and avoid sharing their PCs. Malware infection caused by the child can compromise banking, work-related, or other online accounts.