Kaspersky: Enterprises Running Old Software Lose 47% More Money in Data Breach
More than four in 10 organizations in North America use out-of-date technology and lose nearly 50 percent more money in a data breach than companies running updated software and hardware, a new Kaspersky report said.
Enterprises with outdated technology can lose 47% more money when they suffer a data breach compared to those who update their IT systems in a timely manner. The downside for small- to medium-sized (SMBs) is even more pronounced, the security specialist said. SMB’s running outdated technology can see up to 54 percent bigger losses than their competitors deploying current releases, Kaspersky said.
In terms of actual dollar value, enterprises running outdated technology, such as unpatched operating systems, old software and unsupported mobile devices, can lose on average $1.3 million versus $836,000 for companies with completely updated technologies. For SMBs, the total cost of a data breach for those with fully updated hardware or software is $74,000 as compared to $114,000 where earlier versions have not been replaced.
North American enterprises with any form of outdated technology can suffer $1.3 million in financial damage while the total cost for SMBs is $160,000.
Worldwide roughly one-third of SMBs and enterprises have unpatched operating systems according to Kaspersky’s figures. Businesses with outdated technology are much more likely to suffer a data breach (65%) than those running updated software and hardware (29%).
The primary reason companies decline to update their technology is employee inconvenience. Nearly half of organizations globally have employees who refuse to work with new versions while the same number of companies cannot upgrade their devices or operating systems because they use legacy software. One-third of businesses said outdated technology is used by C-level staff and is excluded from their update plan.
Kaspersky said its survey of more than 5,000 IT business decision makers worldwide on IT security risks clearly shows that organizations should prioritize and invest in renewing software. As security experts continually advise, installing software patches and updates as soon as the latest version is available minimizes the risk of exploitation even if the process is arduous or time consuming.
“Any additional costs for business are of course critical, especially now,” said Sergey Martsynkyan, who heads Kaspersky’s B2B product marketing. “Even if [obsolete software] is impossible to get rid of overnight, there are still some measures to mitigate the risk. Companies can not only save money, but also avoid other potential consequences, which is crucial for any business.”
The survey data are part of a two-part report in Kaspersky’s IT Security Economics 2020 series focused on how businesses can minimize the cost of a data breach and align IT budgets with changing security priorities.