The cost of cyberattacks on large businesses in North America increased to an average of $1.3 million in 2017, according to research released this week by Kaspersky Labs.
The report IT Security: cost-center or strategic investment? shows the share of global IT budgets going to security rose from 17 percent (16 percent in North America) in 2016 to 20 percent this year (18 percent in North America), indicating an increase in the perceived importance of IT security.
Kaspersky said that spending increased across businesses of all sizes as a reflection of businesses starting to consider IT security as a strategic investment. While they increased as a share of overall IT budgets, global IT security spending actually dropped dramatically, according to Kaspersky, from $25.5 million in 2016 to $13.7 million this year.
That would seem to suggest that global IT budgets overall fell from an average of $150 million last year to a mere $68.5 million this year – a shocking development if true. Gartner forecasts global IT spending will increase by 2.4 percent from 2016 to 2017.
Kaspersky found that globally, cyberattacks cost an average of $992,000 for large businesses in 2017, up from $861,000 in 2016, and cost SMBs $87,800 this year, up from $86,500 last year, according to a blog post.
“While cybersecurity incidents involving third parties prove to be harmful to businesses of all sizes, their financial impact on a company has the potential to result in twice as much damage,” Alessio Aceti, head of the enterprise business division at Kaspersky Lab said. “This is because of a wider global challenge – with threats moving fast, but businesses and legislation changing slowly. When regulations like GDPR become enforceable and catch up with businesses before they manage to update their policies, the fines for non-compliance will further add to the bill.”
The increasing complexity of IT infrastructure is the top factor driving budget increases at North American companies in 2017, according to the report, whereas in 2016 it was new business activities and expansion.
The largest cost associated with data breaches at North American businesses is additional staff wages ($207,000), far beyond the cost of loss of business and employing external professionals ($21,000 each).
The company also announced the launch of the Kaspersky IT Security Calculator to help businesses make informed IT security decisions.
The report comes amid controversy for Kaspersky, as its products were banned from U.S. government use last week following a statement by the Department of Homeland Security expressing concern with the ability of the Russian government to pressure the company to leverage elevated privileges to access customer computers.