The increased complexity of IT infrastructure, a need to improve the level of specialist security expertise, and geopolitical or economic uncertainty are the main factors driving cyber security spending for companies of all sizes, according to the latest edition of Kaspersky’s annual IT Security Economics report.
A PWC study states the heightened interest of businesses in cybersecurity caused by the increased use of digital technologies and the ever-evolving threat landscape has already resulted in improvements in IT security. To explore how much businesses currently spend on this crucial field and what their plans for further investments are, Kaspersky conducted 3,230 interviews across 26 countries from businesses with more than 50 employees. Out of which, 834 respondents were from Asia Pacific.
The poll suggests that IT budgets for cybersecurity are set to increase again over the next three years for both SMBs and enterprises to cover a range of issues. Median cybersecurity budgets in 2022 were US$3.75m for enterprises with $12.5m allocated for IT generally, while SMBs invested $150k in IT security from $375,000 median IT budgets.
In Asia Pacific (APAC), SMBs and enterprises here are set to increase their online defense budget by 3% more than the global average of 14%.
Among the reasons to increase cybersecurity spending, respondents from APAC especially noted the complexity of the IT infrastructure (61% for both local SMBs and local enterprises), and a need to improve the level of specialist security expertise (56% for both sectors). New potential risks occurring due to increased geopolitical or economic uncertainty were highlighted as reasons for investment increases of 45 percent in SMBs and 50 percent in enterprise organizations.
“The recent EY CEO Outlook Pulse revealed the combined pandemic-related disruptions, rising inflation, geopolitical tensions, and climate change haunted enterprises in the Asia Pacific region last year. Adding up to this are the cybersecurity incidents like data breaches and ransomware attacks which crippled major businesses in the region in 2022. Increasing spending on cybersecurity is a right step towards building companies’ defenses against cyberattacks and protecting their assets against black swans that 2023 may bring,” comments Chris Connell, Managing Director for Asia Pacific at Kaspersky.
| SMB | Ent | ||
| Recent security incidents our organization has experienced | % | 43.3 | 44.1 |
| Increased complexity of our IT infrastructure | % | 61.4 | 61.1 |
| Increased profits (so more money available) | % | 43.7 | 34.1 |
| To improve the level of specialist security expertise | % | 56.2 | 56.0 |
| Due to new business activities/expansion | % | 39.5 | 35.3 |
| Due to new locations of our business | % | 25.1 | 28.1 |
| Compliance / legal requirements | % | 29.9 | 29.1 |
| New risks occurred due to increased geopolitical or economic uncertainty | % | 44.6 | 49.8 |
Table 1: Top factors driving IT security budgets in APAC
The additional budgeting hopefully would help local companies in APAC address most concerning issues related to IT security. This year, just over half (59%) of businesses consider issues with data protection to be the most challenging. The second most important concern highlighted by 51% percent of respondents was the cost of securing increasingly complex technological environments, followed by issues with cloud infrastructure adoption (44%).
“Business continuity is ever depending on information security. Nowadays when infrastructure becomes more complex and cyber-attacks become more sophisticated, businesses are becoming more cyber aware and better understand the need for protecting every asset inside the organization,” comments Ivan Vassunov, VP, of Corporate Products at Kaspersky. “State regulations are another important factor influencing the growing budgets for information security. These organizations require businesses to keep their operations and data security. Sometimes regulators tighten rules for the whole vertical market or industry”.
To maximize the efficiency of cybersecurity investments and minimize the risk of any attacks and data breaches for businesses, effective endpoint protection with threat detection and response capabilities should be used. This essential level of endpoint protection is included in the Kaspersky Optimum Security framework. For organizations with a mature IT security function, the Kaspersky Expert Security framework additionally provides anti-APT, the latest threat intelligence, and dedicated professional training.
For SMBs and midrange enterprises, Kaspersky in Southeast Asia also has launched a Buy 1 Free 1 promo. Businesses can now enjoy two years of enterprise-grade endpoint protection for the price of 1 with Kaspersky Endpoint Security for Business or Cloud or Kaspersky Endpoint Detection and Response Optimum, with 24×7 phone support. Interested customers can reach out to [email protected].
To learn more insights about IT security costs and budgets in businesses in 2022 visit the interactive Kaspersky IT Security Calculator. The full report “IT Security Economics 2022” is available to download here.
