Third-party cybersecurity failures cost businesses the most

Posted on Sep 26 2017 - 10:58am by Upgrade Staff

While more companies are investing in cybersecurity regardless of ROI (63% in 2017 compared to 56% in 2016), a new study from Kaspersky Lab and B2B International has found that the average cost of a cybersecurity incident is growing.

According to the report ‘IT Security: cost-center or strategic investment?’, the most costly cybersecurity breaches for businesses of all sizes result from the failures of third parties, which means that companies should not only invest in their own protection, but also pay attention to that of their business partners.

Kaspersky Lab_IT-sec-economics-report_1.jpg

This year’s study reveals promising developments in the importance being placed on IT security. Businesses globally are starting to view it as a strategic investment and the share of IT budgets that is being spent on IT security is growing, reaching almost a quarter (23%) of IT budgets in large corporations.

This pattern is consistent across businesses of all sizes, including very small businesses where resources are usually in short supply. However, while security appears to be receiving a larger proportion of the IT budget pie, the pie itself is getting smaller. For example, the average IT security budget for enterprises in absolute terms dropped from $25.5M last year to $13.7M in 2017.

This is a concern for businesses, especially given the fact that – unlike IT security budgets – security breaches aren’t getting cheaper to recover from. This year, SMBs paid an average of $87.8K per security incident (compared to $86.5k in 2016), while enterprises faced an even larger increase of $992K in 2017, compared to $861K in 2016.

Nonetheless, raising IT security budgets is only part of the solution, as the most staggering losses stem from the incidents involving third parties and their cyber-failures.

SMBs had to pay up to $140K for incidents affecting infrastructure hosted by a third party, while enterprises lost nearly two million dollars ($1.8M) as a result of breaches affecting suppliers that they share data with, and $1.6M because of IaaS-providers’ insufficient levels of protection.

Kaspersky Lab_IT-sec-economics-report.jpg

As soon as a business gives another organization access to its data or infrastructure, weaknesses in one may affect them both. This issue is becoming increasingly important as governments worldwide rush to introduce new legislations, requiring organizations to provide information about how they share and protect personal data.

‘’While cybersecurity incidents involving third parties prove to be harmful to businesses of all sizes, their financial impact on a company has the potential to result in twice as much damage. This is because of a wider global challenge – with threats moving fast, but businesses and legislation changing slowly. When regulations like GDPR become enforceable and catch up with businesses before they manage to update their policies, the fines for non-compliance will further add to the bill”, says Alessio Aceti, Head of Enterprise Business Division at Kaspersky Lab.

To help businesses with their IT security strategies, based on the industry threat landscape and specific recommendations, Kaspersky Lab introduces the Kaspersky IT Security Calculator. This business tool is an ultimate guide to the cost of IT security based on the average budgets being spent (by region, industry and company size), security measures, the major threat vectors, money losses and tips on how to avoid a compromise. The Kaspersky IT Security Calculator and the full report ‘IT Security: cost-center or strategic investment?’ can be found HERE.

Kaspersky Lab offers solutions that cover the needs of SMB and enterprise companies related to endpoint protection, DDoS protection, cloud security, advanced threat defense and cybersecurity services.

Related Posts

It’s double trouble for companies with a vir... Companies with a virtual infrastructure may have to double their regular spending in case they are attacked by cybercriminals. A special report on ...
NYNE announces Rock and Rebel portable Bluetooth s... NYNE has launched the new Rock and Rebel portable Bluetooth speaker systems, the largest and loudest speakers of their kind. Each Bluetooth speaker is...
Infinera helps pave way to 5G with new open mobile... Infinera, a provider of Intelligent Transport Networks, expanded its Mobile Fronthaul and Mobile Backhaul Solutions to support mobile operators as the...
Ardent Networks bares growth plans Aiming to broaden its reach and presence in the country, enterprise and networking solutions provider Ardent Networks, Inc. (ANI) bared its plans to g...
Teleperformance receives highest placement out of ... Teleperformance, which is in omnichannel customer experience management, announced that the company was recognized by the Everest Group in the Contact...
Over half of firms say co-working is a long-term f... Latest research by workspace provider Regus reveals that co-working is now considered a long-term option for businesses, instead of a temporary soluti...
Bosch Security unveils latest video surveillance c... Bosch Philippines unveiled a new line-up of security systems that are built with heightened features to deliver a more accurate and secure surveillanc...
DICT, NICP and IBPAP to launch digitalcitiesPH Pro... The Department of Information and Communications Technology (DICT), the National ICT Confederation of the Philippines (NICP), the umbrella organizatio...
Kaspersky gives Filipino students a chance to show... Filipino students are given a chance again to show the world their prowess in cybersecurity as Kaspersky Lab opens its annual "CyberSecurity for the N...
Ricoh Theta S 360-degree cameras now globally avai... Ricoh Imaging Americas announced its Theta S 360-degree camera and accessories are now widely available. In the US, the Theta S has been available sin...
About the Author

Leave A Response