Third-party cybersecurity failures cost businesses the most

Posted on Sep 26 2017 - 10:58am by Upgrade Staff

While more companies are investing in cybersecurity regardless of ROI (63% in 2017 compared to 56% in 2016), a new study from Kaspersky Lab and B2B International has found that the average cost of a cybersecurity incident is growing.

According to the report ‘IT Security: cost-center or strategic investment?’, the most costly cybersecurity breaches for businesses of all sizes result from the failures of third parties, which means that companies should not only invest in their own protection, but also pay attention to that of their business partners.

Kaspersky Lab_IT-sec-economics-report_1.jpg

This year’s study reveals promising developments in the importance being placed on IT security. Businesses globally are starting to view it as a strategic investment and the share of IT budgets that is being spent on IT security is growing, reaching almost a quarter (23%) of IT budgets in large corporations.

This pattern is consistent across businesses of all sizes, including very small businesses where resources are usually in short supply. However, while security appears to be receiving a larger proportion of the IT budget pie, the pie itself is getting smaller. For example, the average IT security budget for enterprises in absolute terms dropped from $25.5M last year to $13.7M in 2017.

This is a concern for businesses, especially given the fact that – unlike IT security budgets – security breaches aren’t getting cheaper to recover from. This year, SMBs paid an average of $87.8K per security incident (compared to $86.5k in 2016), while enterprises faced an even larger increase of $992K in 2017, compared to $861K in 2016.

READ:  Google Assistant will eventually prevail against Amazon’s Alexa—IHS

Nonetheless, raising IT security budgets is only part of the solution, as the most staggering losses stem from the incidents involving third parties and their cyber-failures.

SMBs had to pay up to $140K for incidents affecting infrastructure hosted by a third party, while enterprises lost nearly two million dollars ($1.8M) as a result of breaches affecting suppliers that they share data with, and $1.6M because of IaaS-providers’ insufficient levels of protection.

Kaspersky Lab_IT-sec-economics-report.jpg

As soon as a business gives another organization access to its data or infrastructure, weaknesses in one may affect them both. This issue is becoming increasingly important as governments worldwide rush to introduce new legislations, requiring organizations to provide information about how they share and protect personal data.

‘’While cybersecurity incidents involving third parties prove to be harmful to businesses of all sizes, their financial impact on a company has the potential to result in twice as much damage. This is because of a wider global challenge – with threats moving fast, but businesses and legislation changing slowly. When regulations like GDPR become enforceable and catch up with businesses before they manage to update their policies, the fines for non-compliance will further add to the bill”, says Alessio Aceti, Head of Enterprise Business Division at Kaspersky Lab.

To help businesses with their IT security strategies, based on the industry threat landscape and specific recommendations, Kaspersky Lab introduces the Kaspersky IT Security Calculator. This business tool is an ultimate guide to the cost of IT security based on the average budgets being spent (by region, industry and company size), security measures, the major threat vectors, money losses and tips on how to avoid a compromise. The Kaspersky IT Security Calculator and the full report ‘IT Security: cost-center or strategic investment?’ can be found HERE.

READ:  HP targets print security needs of Phl businesses

Kaspersky Lab offers solutions that cover the needs of SMB and enterprise companies related to endpoint protection, DDoS protection, cloud security, advanced threat defense and cybersecurity services.

Related Posts

Key security incidents that shaped threat landscap... Some of the revelations of the past year raised questions about the way the Internet is used nowadays and the type of risks faced by users, according ...
Casio G-SHOCK unveils elevated Gulfmaster timepiec... Casio G-SHOCK expanded its Master of G line with the Gulfmaster Summer Color GWN1000H-9A, its latest model. The Gulfmaster GWN1000H-9A is desig...
KINGMAX launches Sycret Cloud encryption card for ... To make using the Internet of Things (IoT) and Internet of Beings (IoB) applications safer, KINGMAX launched Sycret Cloud, a portable device to encryp...
Migration to electronic payments added nearly $300... Visa released the results of a new 2016 study conducted by Moody's Analytics that analyzed the impact of electronic payments on economic growth across...
Global back office system integration market to gr... The global back office system integration market is forecast to grow at a CAGR of 5.8% during the period 2016-2020. This is according to Res...
‘Always think you are a target’ Security technology provider Kaspersky Lab has bared strategies that help enterprises mitigate risks against malware, be it in the form of known, unkn...
Securing open hotspots By Louis Au, Vice President, Asia Pacific, Ruckus Wireless According to estimates by Wireless Broadband Alliance and Informa, the number of public ...
MoneyMatch Technology highlights peer-to-peer (P2P... Getting a loan or becoming a lender is now said to be simpler with MoneyMatch Technology, with the company introducing peer-to-peer (P2P) lending in t...
Intergraph launches new ‘Damage Assessment&#... Intergraph has launched its new Damage Assessment solution to help utilities better manage restoration activities following storms. The solution optim...
10,000 fall victim to Facebook phishing attacks in... A Kaspersky Lab security expert has uncovered a malware attack that tricked around 10,000 Facebook users around the world into infecting their devices...
About the Author

Leave A Response