Almost every IT project must, at some point, run the financial justification gauntlet. Even initiatives with broad organizational support, like ransomware mitigation, aren’t immune. IT security projects can be tougher to justify because they don’t typically reduce costs or increase revenue. Asking for data security funding triggers skepticism in many CFOs.