We are coming closer to the point where a cyber-attack will cost every large business more than $1 million. According to a new Kaspersky Lab report, a single cyber-security incident now costs a large business, on average, $861,000.
Small and medium-sized enterprises (SME) pay ten times less, on average — $86,500. The new report also stresses, once again, how costs go up the longer the threat remains unseen. For an SME, it will have to pay 44 percent more to recover from a week-old attack, compared to the one spotted on the first day. Among large companies, the percentage sits at 27.
The problem, according to the researchers, is in IT budgets — they’re fairly small compared to the cost of cyber-attacks. Small businesses will allocate 18 percent, and large ones 21 percent of their total IT budget on security.
“Based on our worldwide survey, the average IT Security budget is ‘worth’ just 2.5 cyber-attacks once all direct and indirect losses are taken into account. With the corporate world dealing with thousands of attacks on a daily basis, an efficient cybersecurity strategy definitely pays off. Businesses understand the threat clearly; 59 percent of SMBs and 62 percent of enterprises say they will improve their security regardless of the ability to measure return”, comments Vladimir Zapolyansky, head of SMB Marketing, Kaspersky Lab.
“However, the survey proves that reaction time post-breach has a direct impact on financial losses. This is something that cannot be remedied via budget increases. It requires talent, intelligence and an agile attitude towards protecting one’s business. As a security vendor, our goal is to provide tools and intelligence for businesses of all sizes, whilst keeping in mind the difference in ability to allocate security budgets”, adds Zapolyansky.