ISLAMABAD: A recent study by Kaspersky, a global cybersecurity and digital privacy company, revealed that 15% of companies worldwide have encountered cyber incidents in the last two years due to inadequate investment in cybersecurity. The study highlights that critical infrastructure, oil and gas, and energy organizations are most affected by cyber incidents resulting from improper budget allocation. Alarming statistics indicate that one in five companies globally lacks the budget required for adequate cybersecurity measures.
Critical infrastructure, oil and gas, and energy organizations reported the highest number of cyber incidents (15%) due to insufficient budget allocation, emphasizing the impact of improper funding on cybersecurity resilience. The telecommunications sector faced 13% of cyber incidents attributed to budget constraints, while transport and logistics, as well as financial services, each experienced 8% of incidents.
Globally, 78% of respondents indicated that their companies are well-equipped to keep up with or stay ahead of new threats through cybersecurity investments. However, 21% of companies admit to insufficient funds to protect their infrastructure adequately, and 3% lack a dedicated budget for cybersecurity needs.
Looking ahead, many companies plan to strengthen their cybersecurity measures in the next 1-1.5 years. The study identifies popular areas of investment, with 39% of companies allocating budgets for threat detection software and cybersecurity professional training. Other key measures include endpoint protection software, hiring additional IT professionals, and adopting SaaS cloud solutions.
Significance of Aligning Cybersecurity Investment with Business Strategy
Ivan Vassunov, VP, Corporate Products at Kaspersky, emphasizes the importance of aligning cybersecurity investment with business strategy. He highlights the need to view cybersecurity as a business goal and recommends modern approaches and technologies to address challenges effectively. Vassunov recommends Kaspersky’s SASE portfolio, XDR, and MDR solutions with integrated AI, machine learning, automated detection and response, and transparent reporting for CISOs.
To optimize cybersecurity budgets, Kaspersky recommends implementing products with Advanced Anomaly Control, such as Kaspersky Endpoint Detection and Response Optimum. For smaller enterprises, Kaspersky Endpoint Security Cloud offers an all-in-one hosted SaaS console, simplifying cybersecurity management. Kaspersky also provides training solutions, including the Automated Security Awareness Platform, Cybersecurity for IT Online training, and Expert Training, to enhance employee and security team skills.
Kaspersky Automated Security Awareness Platform training teaches employees safe internet behavior and includes simulated phishing attack exercises. At the same time, Kaspersky Cybersecurity for IT Online training helps build up simple yet effective IT security best practices and simple incident response scenarios for generalist IT admins, while Kaspersky Expert Training equips your security team with the latest knowledge and skills in threat management and mitigation to defend your organization against even the most sophisticated attacks. To advance decision-makers’ understanding of the importance of cybersecurity and how best to distribute budgets to stay ahead of threats, engage them with Kaspersky Interactive Protection Simulation for enhanced C-level professional education.
