News & Trends

How Big Firms Invest In Cybersecurity To Protect Their Business

CyStack Avatar

Ngoc Vo

Marketing Executive @CyStack|March 28, 2023

Years of disastrous security incidents have prompted big corporations to reinforce their computer networks. From phishing scams to ransomware and data breaches, cybercrime does more than just disrupt their operation. These attacks can damage the reputation of those companies and put them in legal trouble.

Learn why large companies see cybersecurity as at the heart of their business and what investments they have made in this era in recent years.

Why Big Firms Invest In Cybersecurity

The risk of cyber attacks is becoming greater when more and more business operations rely on 24/7 computer systems.

Designed to thwart them off, cybersecurity isn’t a small expense. However, the cost of security incidents are even bigger. This is why investments in cybersecurity make perfect sense from the financial perspective, especially for big companies.

The Number And Cost Of Cyber Attacks Are Rising.

According to insurance provider Hiscox, cyber attacks have become one of the most dominant risks for organizations, alongside skills shortages and economic slowdown.

In its 2022 Cyber Readiness report, Hiscox surveyed thousands of companies in Ireland, the Netherlands, Spain, Germany, France, Belgium, the United Kingdom, and the United States. In seven out of those eight countries, cybercrime is seen as the top risk to business operations. One-fifth of business owners also believe it might put their company out of business.

The rising number of cyber attacks and their destruction can explain this concern. No one wants to conduct business with someone who has a history of security breaches. Unless organizations can secure themselves and their customers, it is hard for them to become reliable partners.

The financial cost associated with cyber attacks is rising as well. According to IBM, the average cost of data breaches is $4.35 million. For American organizations, this number is doubled to $9.44 million.

Read more: Financial costs of data breaches

A woman standing next to a server rack, holding a laptop
Large corporations have to protect their computer networks.

The need for effective cybersecurity solutions will only increase as more business activities occur online. Additionally, the COVID-19 pandemic has sparked a new trend toward remote working. This shift uses computer systems and networks as the new means of communication, raising the likelihood of cyberattacks.

Cybersecurity Can Save The Trouble Later.

Fewer security incidents mean less operation downtime, which can cost almost $340,000 per hour, according to Gartner. And we haven’t even mentioned things like legal costs or reputational damage.

In 2020, analysts at ESI ThoughtLab compared the spending and outcomes of more than one thousand companies across 19 countries and 13 industries. They determined that the return on investment (ROI) of cybersecurity spending is 179%, with investments in people producing the most gain (271%).

Securing cloud-based systems has emerged as a major technological concern in recent years. The trend toward hybrid or full remote work models exacerbates this. It gives workers more flexibility and freedom but also increases pressure on the infrastructure by providing more entry points for cybercriminals.

The consulting and technology research firm Gartner predicts that by 2023, worldwide expenditure on cybersecurity and risk management will increase by 11.3%, reaching $188.3 billion.

Illustration of a cloud computing structure in which many systems are connected together
Cloud infrastructure needs adequate protection to operate normally.

The sector will witness the fastest growth in spending of end-users on cloud security, which is projected to increase by 26.8% in 2023. This is followed by increases in spending on applications security (24.7%), data privacy (16.9%), infrastructure protection (16.1%), identity access management (15.1%), and data security (14.2%).

It is important to note that these priorities vary between organizations of different sizes. A‘s survey of 1053 businesses ranging in size from 100 to 1000 employees found that, while 83% of big American companies saw cybersecurity as a top priority, only 43% were making such investments.

On top of that, the security system wasn’t even the most important spending category among medium-sized and small businesses. That would be production and customer relationship management software.

Read more: Best Cybersecurity Tips For Leaders

Recent Cybersecurity Investments By Large Corporations


To further safeguard its cloud clients, Google announced in March 2022 that it would be purchasing the well-known cybersecurity company Mandiant for $5.4 billion. Ruth Porat, Alphabet’s CFO, said that the company made the purchase to better compete with the security offerings from Microsoft’s Azure and Amazon’s AWS.

In addition to becoming the second-largest acquisition ever of Google, it is also one of the biggest cybersecurity deals undertaken by a big tech firm. Google was certainly not alone in this since it was reported that Microsoft was also interested in acquiring Mandiant.

The Mandiant deal was closed in September 2022, and it was the latest example of the spending spree from large corporations in cybersecurity in recent years.

In August 2021, President Joe Biden met business leaders from a wide range of industries at the White House to discuss the efforts to pump billions of dollars into bolstering cybersecurity. The meeting came after several high-profile attacks like those on the pipeline operator Colonial Pipeline and software contractor SolarWinds.

After the meeting, Microsoft CEO Satya Nadella announced that his company would invest $20 billion in developing cutting-edge security tools. In addition, he said that Microsoft would be willing to put up $150 million to assist government agencies in upgrading their security infrastructure and improving their partnership in education and training. Since 2015, Microsoft has invested annually $1 billion in cybersecurity.

Google announced plans to spend over $10 billion over the following five years to improve cybersecurity. Its Career Certificate program would also provide training for 100,000 technical professionals in indisciplines like data analytics and IT support. The money that Google pledged would be used to strengthen open-source and supply chain security.

Logos of several big tech companies
Big Tech has made huge commitments to cybersecurity.

Another pledge came from IBM, who plans to equip more than 150,000 individuals with cybersecurity skills over the course of three years.


Overall, a Deloitte report in 2020 estimated that cybersecurity accounted for around 11% of the IT budgets of financial firms.

In 2019, Bloomberg reported that financial firms like big banks spend as much as $3,000 per employee to safeguard their computer networks. Based on 2018 headcount numbers, it would amount to around $750 million per year for both HSBC and JPMorgan, while the spending for Citigroup and Bank of America amounted to around $600 million.

The credit rating agency Moody’s announced in September 2021 that it would be spending $250 million to assess the risk of cyberattacks posed to the US’s large corporations.

The agency would be investing that money in BitSight, a company that employs algorithms to determine the possibility of a breach. The goal of Moody’s was to improve its ability to analyze the dangers that ransomware and other digital threats pose to government organizations and Fortune 500 companies.


Healthcare providers weren’t well-known spenders despite rampant data breaches in the industry. A report in 2019 from Gartner showed that only 5% of their total IT budget goes into cybersecurity. These figures lagged behind those of other sectors, such as retail and banking.

This is about to change, however. The healthcare cybersecurity market is predicted by Cybersecurity Ventures to grow 15% each year and reach $125 billion during the 2020-2025 period.


Despite economic uncertainties, large companies haven’t hesitated about putting more financial resources into cybersecurity. In fact, they have allocated more spending into securing their infrastructure and ensuring data safety. These investments show the importance of cybersecurity in the digital era, where the fallout of possible data breaches and security failures dwarfs the cost of prevention.

Bài viết liên quan

Ransomware là gì? Cách Phòng chống Mã Độc Tống Tiền
Ransomware là gì? Cách Phòng chống Mã Độc Tống Tiền
28/05/2024|News & Trends

Ransomware là một loại phần mềm độc hại có mục đích tống tiền người dùng bằng cách xâm nhập vào máy tính và thao túng dữ liệu của nạn nhân. Trong những năm gần đây, không phải virus, mà chính ransomware mới là mối đe dọa đối với các tổ chức, doanh nghiệp. Các quản …

Nghị định 13/2023/NĐ-CP về bảo vệ dữ liệu cá nhân có gì mới?
Nghị định 13/2023/NĐ-CP về bảo vệ dữ liệu cá nhân có gì mới?
13/11/2023|News & Trends

Nghị định 13/2023/NĐ-CP về Bảo vệ dữ liệu cá nhân, hay Nghị định 13, do Chính phủ Việt Nam ban hành đã chính thức có hiệu lực kể từ ngày 01/07/2023 với một số điểm mới nổi bật đáng chú ý dành cho doanh nghiệp. Tổng quan về Nghị định 13 Sau hơn 02 năm kể …

Bảo mật thương mại điện tử: Giải pháp cho doanh nghiệp Việt
Bảo mật thương mại điện tử: Giải pháp cho doanh nghiệp Việt
27/09/2023|News & Trends

Trong những năm gần đây, Thương Mại Điện Tử tại Việt Nam chứng kiến sự phát triển vượt bậc với các tên tuổi lớn như Tiki, Shopee, Lazada, Sendo, Vntrip, hay Luxstay. Bên cạnh tiềm năng phát triển, vẫn tồn tại những thách thức và rủi ro kìm hãm sự bứt phá của các doanh …