The average cost of experiencing a data breach globally is on the rise, with breaches now amounting to $1.23 million on average for enterprises and $120,000 on average for SMBs, new research found.
The average cost for an enterprise is up 24 percent from $992,000 in 2017 and up 36 percent for SMBs from $88,000 in 2017, according to research from Kaspersky Lab.
The 2018 report, “On the Money: Growing IT Security Budgets to Protect Digital Transformation Initiatives” builds upon data from previous years to identify how businesses are adjusting IT security spending to respond to the changing cyber threat landscape and the financial impact of cyberattacks when they occur. The annual Kaspersky Lab Corporate IT Security Risks survey is a global survey of IT business decision makers, which this year had 6,614 respondents from 29 countries.
In North America, the average cost of a data breach for an enterprise averaged $1.6M, which is up 23 percent or $300K from $1.3M in 2017. Additionally, North America is the most expensive location for an SMB to suffer a data breach compared to all seven regions in the study. SMBs in the U.S. and Canada have the highest recovery cost, at $149K on average, which is up 27 percent or $32,000 from $117K in 2017.
As the aftermath of a data breach continues to increase, it’s important to understand what types of cybersecurity incidents are occurring that result in a hefty bill, to proactively protect against these threats.
Safeguarding data in the cloud is continuing to present new challenges for businesses, with the most expensive cybersecurity incidents over the past year related to cloud environments and data protection, the survey said. For SMBs, the most expensive cybersecurity incidents globally were related to IT infrastructure hosted by a third-party, which cost $179K on average. For enterprises globally, the expense was related to targeted attacks, costing $1.64M on average.
For enterprises and SMBs in North America, the top expense is the same, according to the data – with both paying the most for incidents affecting IT infrastructure hosted by a third party at $163K for SMBs and $1.75M for enterprises on average.
With the cost of IT incidents on the rise, businesses understand they have to prioritize cybersecurity spending if digital transformation projects are to run smoothly and securely. The portion of IT budgets spent on security has increased in North America over the past year among enterprises, up nine percent to 28 percent of the total IT budget and for SMBs, who are up six percent at 25 percent. According to the report, enterprises in North America are above the global average for their budgets.
On a global scale, enterprises and SMBs are showing growth in prioritizing IT security spending with a three percent rise in 2018. Enterprise companies globally are allocating up to $8.9M on average – or 26 percent – of their IT budgets to cybersecurity, redefining the strategic role of corporate data protection. For SMBs globally, this equates to $246K, or 23 percent of the overall IT budget.
“To support dynamic business changes and increase efficiency, companies are embracing cloud and business mobility,” said Maxim Frolov, vice president of global sales at Kaspersky Lab. “Cybersecurity has become not just a line item in IT bills, but a boardroom issue and a business priority for companies of all sizes, as evidenced by companies raising their IT security budgets. Businesses expect a strong payoff as the stakes continue to get higher: Besides traditional cybersecurity risks, many companies now have to deal with growing regulatory pressures, for example.”
Click here to register for the report.