NEW NORTH AMERICAN research from cybersecurity and digital privacy company Kaspersky finds that organizations of all sizes see the value of investing in cybersecurity, and they are planning to spend in 2022.
According to the report, Cybersecurity in 2022: Budgets, Insurance and Vendor Relationships, 86% of respondents say their organization intends to set aside budget for cybersecurity this year, with 85% indicating that budget will increase up to 50% over the next 12 months. At SMB organizations, 19% say their organization plans to boost spending for cybersecurity 6-10% compared to midmarket (12%) and enterprise (11%) increases.
When it comes to risk management, the top three budget priorities are cyber insurance (45%), digital forensics and incident response (43%), and training (42%).
The research also finds that the vast majority of organizations already have some cyber insurance coverage, with only 3% reporting they have none. For those that do have coverage, 20% of respondents report that their company annually invests less than $10,000 per year; 28% invest $25,000 to $49,999 per year; 26% invest $50,000 to $74,999; and 14% invest $75,000 to $100,000.
To get those policies, organizations say they would be willing to spend money on security controls (70%), compliance (52%), and education (44%).
The news isn’t all rosey for channel pros, however. When asked who they would hold most responsible for a cyberattack, 25% of respondents pointed to their vendors, followed by their internal IT team (23%). It’s a bit of a love-hate relationship, though. While 39% of respondents say they would put their cybersecurity vendor on immediate notice after an attack, and 38% would change vendors, 41% also says they would ask their cybersecurity vendor for more recommendations to avoid potential attacks, and 39% say they would listen to recommendations more willingly. (Multiple responses were allowed.)
Time to ready those cybersecurity recommendations for that first quarterly review.