Kaspersky’s IT Security Economics reported that companies are planning to increase their investments in information security to offset the growing financial losses from cyber incidents.
The annual report delves into the evolving landscape of IT security budgets, breaches, and business challenges faced by decision-makers. It’s based on interviews with IT and IT security professionals from diverse organizations across 27 countries, including Europe, the Asia-Pacific region, the Middle East, Turkey, Africa, Latin America, and North America, providing valuable insights into the current state of IT security.
According to the research, companies plan to increase their IT security budgets by up to 9%. The median cybersecurity budgets for large enterprises were USD5.7M with USD41.8M allocated for IT generally, while SMBs invested USD0.2M in IT security from a median IT budget of USD1.6 M.
A possible reason for this is the analyzed financial losses from cyber incidents. Large enterprises experienced an average of 12 incidents this year, spending USD6.2M to recover from them —1.1 times higher than the budget allocated for IT security overall.
Despite possessing greater resources and advanced security infrastructures, large enterprises remain vulnerable to costly breaches due to their sheer scale and complexity. While these enterprises are often better equipped to detect incidents quickly, the time needed to fully respond and mitigate threats can extend for hours, highlighting the difficulty of managing expansive and intricate IT environments.
As for SMBs, they experienced an average of 16 incidents this year while spending USD0.3M for remediation, which is 1.5 times higher than their overall IT Security budget. SMBs are most affected by IT security budget constraints. They often lack robust cybersecurity policies and procedures, leaving them vulnerable to incidents involving employees, public cloud misconfigurations, and high-level permissions.
To protect companies against a wide range of cyber threats, Kaspersky recommends:
- Use all-encompassing solutions from Kaspersky Next product line providing real-time protection, threat visibility, advanced investigation, and response capabilities for companies of any size and industry. Depending on current needs and available resources, companies can choose the most relevant product tier and easily migrate to another one in case of changing cybersecurity requirements.
- Adopt a managed security service such as Kaspersky Managed Detection and Response if companies lack qualified InfoSec professionals. It will provide the necessary expertise and give them the best possible advanced automated security services. Thanks to its analysis of corporate data gathered daily, in real-time, and 24/7, it can shield businesses against sophisticated cyberattacks.
Gain more insights about IT security costs and budgets in businesses through the interactive IT Security Calculator. The “IT Security Economics” report can be found on Kaspersky’s website.
Baddiehub I’m often to blogging and i really appreciate your content. The article has actually peaks my interest. I’m going to bookmark your web site and maintain checking for brand spanking new information.