Cyber attacks cost large businesses in North America an average of $1.3 million in 2017, according to a new report from security vendor Kaspersky Lab and market research firm B2B International.

The companies surveyed more than 5,000 businesses across 30 countries to gather data on cyber security issues. The cost of data breaches and other attacks for North American organizations was up from $1.2 million in 2016, and totaled $117,000 per incident for small and medium businesses.

Companies are starting to view IT security as a strategic investment, the report said. The share of budgets spent on security is growing, reaching 18 percent compared with 16 percent in 2016. In 2016, the main reason businesses in North America wanted to increase IT security budgets was due to new business activities/expansion. But this year the increased complexity of IT infrastructure is driving budget increases.

However, while security appears to be receiving a larger proportion of the IT budget, the budget itself is getting smaller. For example, the average IT security budget for enterprises worldwide dropped from $25.5 million in 2016 to $13.7 million in 2017.

Raising IT security budgets on a global scale is only part of the solution, the study said, but this allows businesses to take a proactive approach and avoid costly security costs when incidents occur. The top financial loss in North America when a data breach occurs stems from additional staff wages needed for enterprises, compared with loss of business and having to employ external professionals.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access

Bob Violino

Bob Violino

Bob Violino is a freelance technology and business writer who covers a variety of topics, including big data and analytics, cloud computing, information security and mobile technology.