This blog’s title is a bit of a trick question because cyber security should be a priority for businesses of all sizes, not just large enterprises. Arguably cyber security should be one of the top priorities in an IT business leader’s budget.
Ironically while there’s increased awareness of cyber security threats and a number of well-known Canadian organizations have faced expensive and well-publicized breaches, the overall financial impact of cyber crime on Canadian companies, estimated to be into the millions, hasn’t gone down. In fact, a recent article in Business.com, citing a global cyber security study, reveals that:
- 68% of organizations (big and small) fall victim to cyber security breaches.
- Small businesses account for 43% of all cyber security breaches.
Cyber criminals bank on the fact that smaller companies have smaller cyber security budgets and are therefore easier targets. If you serve larger organizations and are a smaller business, you’re at an even higher risk. Conversely, if you’re a larger organization, your vendors could be putting your organization and clients at risk.
The same study included some other interesting statistics on the topic of cyber security budgeting:
- According to Statistica, businesses globally spend about 12% of their IT budgets on cyber security.
- 54% of businesses plan to increase their cyber security spending in 2024.
The 2023 Canadian Threat Intelligence Report captured five trends that had significant influence on the cyber security threat landscape in 2023 and may impact your cyber security budget in 2024. These include:
- AI reshaping the cyber threat landscape.
- An acceleration in the sophistication of ransomware operators.
- Third-party data breaches remaining a key threat.
- Geopolitical tensions resulting in cyber threats.
- Threats focused on IoT and OT devices will increase quickly.
What should your cyber security budget take into consideration? Start with the following:
- Risk assessment
- Incident response
- Employee training
- Network and website vulnerability identification and management
- Regular scanning and testing, including dark web scanning
- Cyber insurance
Not sure what you need or where to start? Begin with some consulting time with a trusted IT/cyber security consultancy such as F12. We will help you understand your exposure, potential costs, and assist with long-term planning.
If you found this blog helpful, please feel free to visit F12.net for more content. Interested in seeing how your cyber security shores up? Reach out to us today to see if you qualify for a free Penetration Test.