Cybersecurity remains a priority for investment among businesses, according to a Kaspersky report. Its share of IT spending has grown from 23% in 2019 to 26% in 2020 for SMBs, and from 26% to 29% for enterprises. 71% of organisations also expect their cybersecurity budget to grow further in the next three years.
This is despite overall IT budgets decreasing in both segments amid the COVID-19 pandemic, and cybersecurity cuts affecting the most economically hit SMBs.
External conditions and events can influence IT priorities for businesses. As a result of the COVID-19 lockdown, organisations have had to adjust plans to meet changing business needs – from emergency digitalisation to cost optimisation. The Kaspersky report, based on a survey of more than 5,000 IT and cybersecurity practitioners, observes recent IT security economics trends and how they correlate with this year’s events.
The share of IT budget dedicated to IT security continues to grow year-on-year, even though the overall IT budget has fallen from $1.2m in 2019 to $1.1m in 2020 among SMBs, and from $74.1m to $54.3m for enterprises. This decrease may be due to the consequences of the global coronavirus pandemic, according to Gartner, whose experts also predicted that budgets would decrease earlier this year.
As a result, in monetary terms, small and medium businesses allocated $275k to cybersecurity while enterprises invested $14m. The majority of companies are expecting these figures to grow in the next three years by 11% in enterprises and 12% in SMBs, on average. 17% believe it will remain at least the same as this year.
However, one-in-ten (10%) organisations said they are going to spend less on IT security. Interestingly, the main reason for this across enterprises is the deliberate decision of top management, who sees no point in investing so much money in cybersecurity in the future (32%).
“2020 has put many companies in situations where they needed to respond, so they wisely concentrated all their resources and efforts on staying afloat. Even though budgets get revised, it doesn’t mean cybersecurity needs to go down on the priority list,” says Alexander Moiseev, Chief Business Officer at Kaspersky.
“We recommend that businesses, who have to spend less on cybersecurity in the coming years, get smart about it and use every available option to bolster their defences – by turning to free security solutions available on the market and introducing security awareness programs across the organisation. Those are small steps that can make a difference, especially for SMBs.”