Businesses to boost IT security budgets by up to 9% amid cyber risks

By Our Correspondent
December 21, 2024
A representational image showing a padlock with cyber security and binary code written in the background in this illustration on February 1, 2022. — Reuters
A representational image showing a padlock with cyber security and binary code written in the background in this illustration on February 1, 2022. — Reuters

LAHORE: Companies worldwide, including those in Pakistan, are planning to increase their IT security budgets by up to 9.0 per cent, as highlighted in the latest ‘IT Security Economics’ report by Kaspersky.

The report reveals that large enterprises had a median IT security budget of $5.7 million, with a total IT allocation of $41.8 million, while small and medium-sized businesses (SMBs) dedicated $0.2 million to IT security from an overall IT budget of $1.6 million.

This trend reflects a global response to rising financial losses caused by cyber incidents. Kaspersky’s annual ‘IT Security Economics’ report examines changes in IT security budgets, breaches, and challenges faced by decision-makers in the industry. The survey covered 27 countries, including Pakistan, across regions such as Europe, the Middle East, Turkiye, Africa, Latin and North America, and the Asia-Pacific.

Large enterprises reported an average of 12 cyber incidents this year, spending $6.2 million on recovery efforts -- 1.1 times higher than their allocated IT security budgets. While these enterprises are typically better equipped to detect incidents quickly, the time required to fully respond and mitigate threats often spans several hours, demonstrating the complexity of managing widespread IT environments.

For SMBs, the impact of cyber incidents was more pronounced. These businesses experienced an average of 16 incidents, spending $0.3 million on recovery -- 1.5 times their IT security budgets. This highlights the disproportionate financial burden SMBs face in dealing with cybersecurity breaches. Organisations in Pakistan, regardless of size, reported an average of 11 incidents over last year.

According to Vice President of Kaspersky’s Centre of Corporate Business Expertise Veniamin Levtsov, the increase in IT security budgets is driven by three main factors: the growing complexity of cybersecurity threats, the introduction of new regulations stemming from governments’ concerns over digital sovereignty, and the rising salary expectations for professionals in the cybersecurity field.

To safeguard against a wide range of cyber threats, Kaspersky recommends adopting comprehensive IT security solutions, such as its Kaspersky Next product line, which provides real-time protection, threat visibility and advanced investigative capabilities. Companies lacking in-house cybersecurity expertise are encouraged to use managed security services like Kaspersky Managed Detection and Response. Furthermore, employee education remains essential, with specialised training courses available through platforms such as the Kaspersky Automated Security Awareness Platform.

Businesses can also benefit from planning tools like Kaspersky’s IT Security Calculator, which offers detailed insights into security costs and budgeting. By investing strategically in cybersecurity, organisations can better protect themselves against evolving threats while minimising financial and operational risks.