How Big Firms Invest In Cybersecurity To Protect Their Business
Years of disastrous security incidents have prompted big corporations to reinforce their computer networks. From phishing scams to ransomware and data breaches, cybercrime does more than just disrupt their operation. These attacks can damage the reputation of those companies and put them in legal trouble.
Learn why large companies see cybersecurity as at the heart of their business and what investments they have made in this era in recent years.
Why Big Firms Invest In Cybersecurity
The risk of cyber attacks is becoming greater when more and more business operations rely on 24/7 computer systems.
Designed to thwart them off, cybersecurity isn’t a small expense. However, the cost of security incidents are even bigger. This is why investments in cybersecurity make perfect sense from the financial perspective, especially for big companies.
The Number And Cost Of Cyber Attacks Are Rising.
According to insurance provider Hiscox, cyber attacks have become one of the most dominant risks for organizations, alongside skills shortages and economic slowdown.
In its 2022 Cyber Readiness report, Hiscox surveyed thousands of companies in Ireland, the Netherlands, Spain, Germany, France, Belgium, the United Kingdom, and the United States. In seven out of those eight countries, cybercrime is seen as the top risk to business operations. One-fifth of business owners also believe it might put their company out of business.
The rising number of cyber attacks and their destruction can explain this concern. No one wants to conduct business with someone who has a history of security breaches. Unless organizations can secure themselves and their customers, it is hard for them to become reliable partners.
The financial cost associated with cyber attacks is rising as well. According to IBM, the average cost of data breaches is $4.35 million. For American organizations, this number is doubled to $9.44 million.
Read more: Financial costs of data breaches
The need for effective cybersecurity solutions will only increase as more business activities occur online. Additionally, the COVID-19 pandemic has sparked a new trend toward remote working. This shift uses computer systems and networks as the new means of communication, raising the likelihood of cyberattacks.
Cybersecurity Can Save The Trouble Later.
Fewer security incidents mean less operation downtime, which can cost almost $340,000 per hour, according to Gartner. And we haven’t even mentioned things like legal costs or reputational damage.
In 2020, analysts at ESI ThoughtLab compared the spending and outcomes of more than one thousand companies across 19 countries and 13 industries. They determined that the return on investment (ROI) of cybersecurity spending is 179%, with investments in people producing the most gain (271%).
Trends In Cybersecurity Investment
Securing cloud-based systems has emerged as a major technological concern in recent years. The trend toward hybrid or full remote work models exacerbates this. It gives workers more flexibility and freedom but also increases pressure on the infrastructure by providing more entry points for cybercriminals.
The consulting and technology research firm Gartner predicts that by 2023, worldwide expenditure on cybersecurity and risk management will increase by 11.3%, reaching $188.3 billion.
The sector will witness the fastest growth in spending of end-users on cloud security, which is projected to increase by 26.8% in 2023. This is followed by increases in spending on applications security (24.7%), data privacy (16.9%), infrastructure protection (16.1%), identity access management (15.1%), and data security (14.2%).
It is important to note that these priorities vary between organizations of different sizes. A Tech.co‘s survey of 1053 businesses ranging in size from 100 to 1000 employees found that, while 83% of big American companies saw cybersecurity as a top priority, only 43% were making such investments.
On top of that, the security system wasn’t even the most important spending category among medium-sized and small businesses. That would be production and customer relationship management software.
Read more: Best Cybersecurity Tips For Leaders
Recent Cybersecurity Investments By Large Corporations
To further safeguard its cloud clients, Google announced in March 2022 that it would be purchasing the well-known cybersecurity company Mandiant for $5.4 billion. Ruth Porat, Alphabet’s CFO, said that the company made the purchase to better compete with the security offerings from Microsoft’s Azure and Amazon’s AWS.
In addition to becoming the second-largest acquisition ever of Google, it is also one of the biggest cybersecurity deals undertaken by a big tech firm. Google was certainly not alone in this since it was reported that Microsoft was also interested in acquiring Mandiant.
The Mandiant deal was closed in September 2022, and it was the latest example of the spending spree from large corporations in cybersecurity in recent years.
In August 2021, President Joe Biden met business leaders from a wide range of industries at the White House to discuss the efforts to pump billions of dollars into bolstering cybersecurity. The meeting came after several high-profile attacks like those on the pipeline operator Colonial Pipeline and software contractor SolarWinds.
After the meeting, Microsoft CEO Satya Nadella announced that his company would invest $20 billion in developing cutting-edge security tools. In addition, he said that Microsoft would be willing to put up $150 million to assist government agencies in upgrading their security infrastructure and improving their partnership in education and training. Since 2015, Microsoft has invested annually $1 billion in cybersecurity.
Google announced plans to spend over $10 billion over the following five years to improve cybersecurity. Its Career Certificate program would also provide training for 100,000 technical professionals in indisciplines like data analytics and IT support. The money that Google pledged would be used to strengthen open-source and supply chain security.
Another pledge came from IBM, who plans to equip more than 150,000 individuals with cybersecurity skills over the course of three years.
Overall, a Deloitte report in 2020 estimated that cybersecurity accounted for around 11% of the IT budgets of financial firms.
In 2019, Bloomberg reported that financial firms like big banks spend as much as $3,000 per employee to safeguard their computer networks. Based on 2018 headcount numbers, it would amount to around $750 million per year for both HSBC and JPMorgan, while the spending for Citigroup and Bank of America amounted to around $600 million.
The credit rating agency Moody’s announced in September 2021 that it would be spending $250 million to assess the risk of cyberattacks posed to the US’s large corporations.
The agency would be investing that money in BitSight, a company that employs algorithms to determine the possibility of a breach. The goal of Moody’s was to improve its ability to analyze the dangers that ransomware and other digital threats pose to government organizations and Fortune 500 companies.
Healthcare providers weren’t well-known spenders despite rampant data breaches in the industry. A report in 2019 from Gartner showed that only 5% of their total IT budget goes into cybersecurity. These figures lagged behind those of other sectors, such as retail and banking.
This is about to change, however. The healthcare cybersecurity market is predicted by Cybersecurity Ventures to grow 15% each year and reach $125 billion during the 2020-2025 period.
Despite economic uncertainties, large companies haven’t hesitated about putting more financial resources into cybersecurity. In fact, they have allocated more spending into securing their infrastructure and ensuring data safety. These investments show the importance of cybersecurity in the digital era, where the fallout of possible data breaches and security failures dwarfs the cost of prevention.