Even though COVID-19 saw an unprecedented number of layoffs and budget cuts for enterprises across the world, cybersecurity remained to be one of the key areas of investments, especially for SMBs. A new report by Kaspersky titled “Investment adjustment: aligning IT budgets with changing security priorities” suggested that SMBs on average spent $275k for cybersecurity in 2020, which was $8000 more than the previous year.
The report highlighted that 71% of SMBs and bigger enterprises are planning to increase their cybersecurity spending in the next three years, while only 17% plans to keep its spending unchanged. “For those SMBs looking to increase their security spend, one of the top three drivers was cited as wanting to increase security spend in response to the increased complexity of IT infrastructure (43% compared to 36% the previous year),” the report added. “This is followed by the need to improve internal specialist security expertise (39%) and for a third (34%) of SMBs, senior-level management wants to increase budgets to improve company defenses.”
The report also found that the share of security in overall IT budgets has grown from 23% in 2019 to 26% in 2020 within SMBs, and from 26% in 2019 to 29% in 2020 for enterprises. Another key finding was that the average cost of data breaches decreased to $101k for SMBs and $1.09 million for enterprises in 2020, compared to $108k and $1.41 million in 2019. While for companies and SMBs who were looking at reducing their cybersecurity spending, the only driving factors were senior management within enterprises who had no reason to invest so much in the future at 32%, while SMBs which are cutting down their overall expenses at 29%.
“MSMEs are doing the best they can but having to account for a suddenly expanded network to manage employees who will be using a mix of home and corporate devices for their role. They must rely more upon the security awareness of users to prevent the spread of malware, but this is a challenge,” Laurence Pitt, Global Security Strategy Director at Juniper Networks, told CISO MAG in a recent interview.
To conclude, COVID-19 has brought cybersecurity into the limelight even for many SMBs.