The purchase of cybersecurity solutions/services (66%), as well as cybersecurity training (57%), are the most popular IT investments among British businesses this year, according to the newest research by NordLayer. The majority of UK companies (61%) have in-house cybersecurity specialists to take care of that, while 22% outsource such services.
“IT and cybersecurity budgeting are two different segments of financing. IT covers overall technology investments, including hardware, software, personnel and cybersecurity. Because cybersecurity is just a fraction of the grand scheme, it explains why budgets can be tight and sometimes even non-existent,” says Carlos Salas, cybersecurity expert at NordLayer.
Additionally, the same research shows that the most prominent types of cyberattacks in the UK from the last year were malware (43%), phishing (31%), and data breaches (26%). As a result, financial damage varies from losses of up to £5,000 for 24% of companies and to over £10,000 for 17% of surveyed UK companies. Numbers could be even higher because as much as 25% of companies could not disclose how much they lost due to cyber incidents.
Research reveals that British companies combine different measures to achieve security. Nearly eight out of 10 companies utilise antivirus software (79%). Password (63%) and file encryption (66%) managing solutions are the second-highest priority when creating security policies within organisations at the moment.
Business virtual private networks (VPNs) maintain their popularity in securing organisation network connections, with over half (55%) of companies using them. Cyber insurance (56%) is a relatively new solution making its way to business cybersecurity, although its focus is on covering the consequences of an incident rather than preventing it.
More than a quarter of UK companies plan to allocate up to 24% of their organisational budget for IT needs in 2023. Spending on cybersecurity solutions, services and applications will remain a priority (66%) in the 2023 budget. However, British companies will devote less budget to employee cybersecurity training (57%), hiring dedicated staff for cybersecurity questions (47%), and external cybersecurity audits (45%).