The increased complexity of IT infrastructure, a need to improve the level of specialist security expertise and geopolitical or economic uncertainty are the main factors driving cyber security spending for companies of all sizes, according to latest edition of Kaspersky's annual IT Security Economics report.
A PWC study states the heightened interest of business in cybersecurity caused by the increased use of digital technologies and ever-evolving threat landscape has already resulted in improvements in IT security. To explore how much businesses currently spend on this crucial field and what their plans for further investments are, Kaspersky conducted 3,230 interviews across 26 countries from businesses with more than 50 employees. Out of which, 834 respondents were from Asia Pacific.
The poll suggests that IT budgets for cybersecurity are set to increase again over the next three years for both SMBs and enterprises to cover a range of issues. Median cybersecurity budgets in 2022 were US$3.75m for enterprises with $12.5m allocated for IT generally, while SMBs invested $150k in IT security from $375,000 median IT budgets.
In Asia Pacific (APAC), SMBs and enterprises here is set to increase their online defense budget 3% more than the global average at 14%.
Among the reasons to increase cybersecurity spending, respondents from APAC especially noted the complexity of the IT infrastructure (61% for both local SMB and local enterprise), and a need to improve the level of specialist security expertise (56% for both sectors). New potential risks occurring due to increased geopolitical or economic uncertainty were highlighted as reasons for investment increases for 45 percent in SMBs and 50 percent in enterprise organisations.
"The recent EY CEO Outlook Pulse revealed the combined pandemic-related disruptions, rising inflation, geopolitical tensions, and climate change haunted enterprises in the Asia Pacific region last year," says Chris Connell, Managing Director for Asia Pacific at Kaspersky.
"Adding up to this are the cybersecurity incidents like data breaches and ransomware attacks which crippled major businesses in the region in 2022," he says.
"Increasing spending on cybersecurity is a right step towards building companies defenses against cyberattacks and protecting their assets against black swans that 2023 may bring."
The additional budgeting hopefully would help local companies in APAC address most concerning issues related to IT security. This year, just over half (59%) of businesses consider issues with data protection to be the most challenging. The second most important concern highlighted by 51% percent of respondents was the cost of securing increasingly complex technological environments, followed by issues with cloud infrastructure adoption (44%).
"Business continuity is ever depending on information security," says Ivan Vassunov, VP, Corporate Products at Kaspersky.
"Nowadays when infrastructure becomes more complex and cyber-attacks become more sophisticated, businesses are becoming more cyber aware and better understand the need for protecting every asset inside the organidation," he says.
State regulations is another important factor influencing the growing budgets for information security. These organisations require businesses to keep their operations and data secure. Sometimes regulators tighten rules for the whole vertical market or industry.