The increased complexity of IT infrastructure, a need to improve the level of specialist security expertise and geopolitical or economic uncertainty are the main factors driving cyber security spending for companies of all sizes, according to latest edition of Kaspersky’s annual IT Security Economics report.
A PWC study states the heightened interest of business in cybersecurity caused by the increased use of digital technologies and ever-evolving threat landscape has already resulted in improvements in IT security. To explore how much businesses currently spend on this crucial field and what their plans for further investments are, Kaspersky conducted 3,230 interviews across 26 countries from businesses with more than 50 employees.
The poll suggests that IT budgets for cybersecurity are set to increase again over the next three years for both SMBs and enterprises to cover a range of issues. Median cybersecurity budgets in 2022 were US$3.75m for enterprises with $12.5m allocated for IT generally, while SMBs invested $150k in IT security from $375,000 median IT budgets.
Among the reasons to increase IT security budgets, respondents especially noted the complexity of the IT infrastructure (52% for SMB for SMB and 57% for enterprise), and a need to improve the level of specialist security expertise (44% for SMB and 46% for enterprise). New potential risks occurring due to increased geopolitical or economic uncertainty were highlighted as reasons for investment increases for 36 percent in SMBs and 39 percent in enterprise organizations.
Top factors driving IT security budgets
The additional budgeting hopefully would help companies address most concerning issues related to IT security. This year, just over half (55%) of companies consider issues with data protection to be the most challenging. The second most important concern highlighted by 43 percent of respondents was the cost of securing increasingly complex technological environments, while issues with cloud infrastructure adoption followed (38%).
“Business continuity is ever depending on information security. Nowadays when infrastructure becomes more complex and cyber-attacks become more sophisticated, businesses are becoming more cyber aware and better understand the need for protecting every asset inside the organization,” comments Ivan Vassunov, VP, Corporate Products at Kaspersky. “State regulations is another important factor influencing the growing budgets for information security. These organizations require businesses to keep their operations and data secure. Sometimes regulators tighten rules for the whole vertical market or industry”.
