New data from the 2022 Cyber Security Insights Report from global intelligence and cybersecurity consultancy S-RM has found that cybersecurity budgets are set to increase an average of only 11 per cent over the next 24-36 months.
With high levels of inflation, this means UK organisations will effectively be facing cuts to their cybersecurity budgets to 2025. The report found 13 per cent of UK respondents expect budgets to decrease over the next 24-36 months.
S-RM’s report also shows that, on average, cybersecurity spending represents over a quarter (26 per cent) of organisations’ annual IT budgets in 2022. The research also marks a five per cent year-on-year average growth in cybersecurity budget, when compared to responses in 2021.
Heyrick Bond-Gunning, CEO of S-RM, comments:
“We’ve seen a lot of market disruption over the past year. But one thing that hasn’t changed is the importance of investing in cybersecurity. Not only protect your business, but also to foster future growth.
“However, our findings show that, after inflation is taken into account, budgets are set to barely increase in the coming years. That is a point of worry as cyber threats increase, insurance coverage shrinks and compliance considerations continue to evolve. Decision makers need to be proactive in defending against cyberattacks. Otherwise, they could find themselves racing to mitigate damage and cost in the future.”
Factors driving spend
Some of the key reasons for budgetary increases included:
- Maintaining security against evolving threats (40 per cent)
- Responding to changes in regulations and compliance (38 per cent)
- Increased focus on cybersecurity at board level (38 per cent)
The research also found that smaller companies are more likely to allocate between 40-60 per cent of their IT budgets to cybersecurity. 20 per cent of companies with an annual revenue of between $500million and $1billion currently allocate this proportion of their IT budget to cybesecurity. This is compared to just 10 per cent among companies with $1billion-$5billion in annual revenue.
Jamie Smith, board director and head of cybersecurity at S-RM added:
“Cybersecurity is an issue that exists beyond just board level, and resources must be allocated throughout a business to best defend against malicious intent from threat actors.
“Cybersecurity departments cannot achieve the results they need to if budgets don’t afford them the necessary resources. The fact that smaller, agile businesses are dedicating more resources to this area should be a clear sign for larger companies not to let investment get tied up in bureaucracy.”
UK-US comparison
The average percentage of organisations’ IT budgets allocated to cybersecurity across the UK (25 per cent) and the US (26 per cent) are fairly consistent. However, the average predicted increase to cybersecurity budgets over the next two to three years differs slightly across markets according to the report. The UK reported an anticipated increase of eight per cent, and 14 per cent across the US.
A higher proportion of UK decision-makers anticipated that cybersecurity budgets may increase in the future due to the need to respond to changes in regulations and compliance. 42 per cent in the UK vs 35 per cent in the US. In comparison, a higher proportion of US decision-makers felt that cyber budgets might rise due to their organisation increasing its focus on resilience (43 per cent in the US compared to 29 per cent in the UK).
Image and article originally from thefintechtimes.com. Read the original article here.