In their recent report on IT Security Economics, cybersecurity solutions provider Kaspersky has revealed that companies across Europe are planning to increase their IT security budgets by 10% in the next three years. This investment is being driven primarily by a desire to increase specialized security skills and concerns around geopolitical or economic uncertainties.
(https://www.logsign.com/uploads/it_security_vs_cyber_security_9d94c28c00.png)
A recent study by PWC has shown that businesses' interest in cybersecurity has already resulted in improvements in their IT security postures. This is likely due to the increasing use of digital technologies and the ever-changing threat landscape.
To compile its report, Kaspersky conducted 3,230 interviews with businesses employing over 50 people in 26 countries to understand what they are currently investing in cybersecurity and their plans for future investment.
According to the survey results, IT security budgets are set to rise across Europe for both SMEs and large companies to address a range of issues. The median IT budget for large European companies is around €6.2 million ($6.8 million), with €1.8 million ($2 million) being allocated for cybersecurity. Meanwhile, SMEs invest a median of €138,000 ($150,000) in cybersecurity out of an overall IT budget of €345,000 ($375,000).
The main reasons for increasing IT security budgets were due to the complexity of IT infrastructure and a need to improve the level of specialized security expertise. Additionally, new potential risks from increased geopolitical or economic uncertainty were cited as a reason for increased investment.
Overall, the additional budgeting should help companies address the most pressing IT security issues. European companies see data protection issues as the biggest challenge, followed by problems with cloud infrastructure deployment and the security costs of increasingly complex technology environments. State regulations are another important factor affecting growing information security budgets.
European Union is planning to introduce stricter rules for US-based IT corporations like Google, Microsoft and Amazon who want EU certification for processing confidential data, as reported by Reuters. Under the proposed regulations, these corporations will be allowed to provide services only through joint ventures with European companies limiting their shares.
Additionally, access to confidential data of Europeans and European companies should be granted only to employees who have undergone a special check. Data of users of cloud services must be stored and processed within the EU. This will also make EU legislation superior to legislation of other countries for American cloud service providers when it comes to privacy and security.
Despite the concerns from American companies, the new provisions are likely to become a significant barrier for American companies, while at the same time AI solutions may increase demand for cloud services in Europe.
The urgency to bolster defenses against cyber threats is driven by the escalating sophistication of attacks, including ransomware, data breaches, and advanced persistent threats. This has compelled businesses to reevaluate their IT security posture and allocate more resources to safeguard their digital assets.
From a technical perspective, the rise in IT security budgets enables organizations to invest in cutting-edge technologies such as advanced threat detection systems, behavior analytics, and security orchestration platforms. These investments are crucial for mitigating risks and fortifying network infrastructure against evolving attack vectors.
Moreover, the allocation of increased budgetary resources allows for the implementation of comprehensive security awareness training programs for employees, which is essential in cultivating a culture of cybersecurity consciousness within organizations. This proactive approach aims to reduce human error, often cited as a leading cause of successful cyber attacks.
Additionally, the surge in IT security budgets facilitates the adoption of robust encryption protocols, secure access management solutions, and regular security assessments to identify vulnerabilities and proactively address them. Integrating these measures into the organization's IT environment bolsters its resilience against potential threats.
Furthermore, the enhanced budgetary provisions enable the procurement of expert cybersecurity services and consultancy to assess, design, and implement tailored security measures aligned with specific industry regulations and compliance standards.
The increase in IT security budgets for European SMEs and large enterprises empowers cybersecurity engineers to deploy state-of-the-art defenses, cultivate a security-centric organizational culture, and fortify digital infrastructure against the evolving threat landscape.