Content, Content

How Much Do Security Incidents and Breaches Cost Enterprises, Small Businesses?

Data breaches are hitting businesses in the wallet worse this year than last. Enterprises worldwide lose $1.2 million on average from every data breach and SMBs drop $120,000 per incident, a new Kaspersky report said.

For large businesses, the losses are up 24 percent from last year. For SMBs, the climb in costs is 36 percent. In North America, the average price tag of a data breach for an enterprise has reached $1.6 million, a 23 percent rise from last year. For SMBs, North America is the most expensive location to suffer a data breach at $149,000, or 27 percent more than last year, according to Kaspersky’s survey of 6,614 IT business decision makers from 29 countries.

Kaspersky has fashion the historical survey data into a report, “On the Money: Growing IT Security Budgets to Protect Digital Transformation Initiatives” that identifies how businesses are adjusting IT security spending and dealing with financial losses from attacks.

What type of cyber attacks cost businesses the most? Attacks related to safeguarding data in the cloud are the biggest challenge for businesses, the report said. For SMBs, the most expensive cybersecurity incidents globally are related to IT infrastructure hosted by a third-party, which cost $179,000 on average. For enterprises globally, targeted attacks cost $1.6 million on average. Both enterprises and SMBs in North America pay the most for incidents affecting IT infrastructure hosted by a third party, an average of $1.8 million for enterprises and $163,000 for SMBs.

Here’s some additional findings from the survey:

  • The portion of IT budgets spent on security has increased in North America over the past year among enterprises, up nine percentage points to 28 percent of the total IT budget. SMBs are spending six percent more on security this year, or 25 percent of the total IT budget.
  • Enterprise companies globally are allocating up to $9 million on average, or 26 percent, of their IT budgets to cybersecurity. For SMBs worldwide, this equates to $246,000, or 23 percent of the overall IT budget.
  • The top three motivations for investing in IT security are increased complexity of IT infrastructure (34%), improve the level of specialist security expertise (34%) and top management wanting to improve defenses (29%). In North America, the top three reasons are the same.

“To support dynamic business changes and increase efficiency, companies are embracing cloud and business mobility,” said Maxim Frolov, Kaspersky vice president of global sales. “Cybersecurity has become not just a line item in IT bills, but a boardroom issue and a business priority for companies of all sizes, as evidenced by companies raising their IT security budgets.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.