Cybersecurity remains an investment priority for SMBs and enterprises despite overall IT budget cuts, according to a new report from Kaspersky titled Investment Adjustment: Aligning IT Budgets with Changing Security Priorities.
The share of IT budget dedicated to security continues to grow year-on-year, even though the overall IT budget has fallen from $1.2 million in 2019 to $1.1 million in 2020 among SMBs, and from $74.1 million to $54.3 million for enterprises.
However, respondents expect their security budgets to grow from 23% of overall IT spending in 2019 to 26% in 2020 for SMBs, and from 26% to 29% for enterprises. In addition, 71% of organisations also expect their cybersecurity budget to grow further in the next three years.
In monetary terms, SMBs allocated $275,000 to cybersecurity while enterprises invested $14 million. The majority of businesses are expecting these figures to grow in the next three years by 11% in enterprises and 12% in SMBs, on average. 17% believe it will remain at least the same as this year.
However, 10% of organisations said they are going to spend less on IT security. The main reason given for this across enterprises is the deliberate decision of top management, who sees no point in investing so much money in cybersecurity in the future (32%).
Among SMBs, the reason to reduce spend in this area is primarily dictated by the need to cut overall company expenses and optimize budgets (29%).
According to the Kaspersky report, external conditions and events can influence IT priorities for businesses.
As a result of the COVID-19 lockdown, organisations have had to adjust plans to meet changing business needs from emergency digitalisation to cost optimisation.
The report shows that SMBs were hit hardest by the lockdown, with more than half of small companies globally reported a decline in sales or experienced cash flow constraints.
It’s clear that those affected have needed to optimise their expenses to survive. However, while this impacts cyber protection, its important for businesses to find a way to keep safe from cyber-risks in such a challenging time, Kaspersky states.
Kaspersky chief business officer Alexander Moiseev says, “2020 has put many companies in situations where they needed to respond, so they wisely concentrated all their resources and efforts on staying afloat.
“Even though budgets get revised, it doesnt mean cybersecurity needs to go down on the priority list.
“We recommend that businesses, who have to spend less on cybersecurity in the coming years, get smart about it and use every available option to bolster their defenses by turning to free security solutions available on the market and introducing security awareness programs across the organisation.
“Those are small steps that can make a difference, especially for SMBs.”
The Kaspersky report, based on a survey of more than 5,000 IT and cybersecurity practitioners, observes recent IT security economics trends and how they correlate with this years events.