Data protection, complex tech environments, downtime: main business headache related to IT Security

The Kaspersky IT Security Economics report is released every year to analyze the changes in budgets, breaches and business challenges affecting IT Security decision makers. This report is compiled from interviews with IT and IT security professionals from organizations of different sizes and industries. The survey was carried out in 27 countries across Europe, the Asia-Pacific region, the Middle East, Turkey and the Africa region, Latin America, and North America.[1]

According to the report, downtime and lost productivity are the most concerning business problems caused by ineffective IT security, an opinion expressed by 38% of companies. They encountered this problem mainly because of long time taken to detect, respond to, and remediate threats.

Securing complex technology environments and ensuring data connectivity were next on the list of key concerns, according to 33% of respondents. Among the main IT issues that cause this challenge, respondents pointed to the rising number of incidents involving non-computing connected devices and incorrect operations of cybersecurity solutions that left systems exposed. Additionally, difficulties in managing security across different computing platforms played a crucial role in their inability to build a reliable all-encompassing cybersecurity system.

Data protection is the third important concern that was expressed by 33% of companies, the same as the second one. Respondents were worried about this because they regularly encountered the physical loss of devices by employees and experienced leakage of data from corporate systems caused by both external and internal reasons.

‘In today's complex and constantly evolving threat landscape, the sophistication of cyberattacks has necessitated a heightened awareness among businesses. It is crucial for organizations to safeguard every aspect of their operations from potential breaches. Attackers no longer solely rely on zero-day exploits, as a simple click on a malicious link or a vulnerability in a contractor's infrastructure can lead to devastating consequences. This underscores the idea that information security should be based on a comprehensive and systematic approach, rather than being limited to the implementation of individual point-specific measures,’ comments Alexey Vovk, Information Security Director at Kaspersky. 

To protect companies against a wide range of cyber threats, Kaspersky recommends:

• Use all-encompassing solutions from the Kaspersky Next product line that provide real-time protection, threat visibility, advanced investigation and response capabilities for companies of any size and industry. Depending on their current needs and available resources, companies can choose the most relevant product tier and easily migrate to another one if their cybersecurity requirements are changing.
• Provide your InfoSec professionals with in-depth visibility into the cyberthreats targeting your organization. The latest Kaspersky Threat Intelligence will supply them with rich and meaningful context across the entire incident management cycle and help to identify cyber risks on time. 
• If companies lack qualified InfoSec professionals, adopt a managed security service such as Kaspersky Managed Detection and Response. It will provide the necessary expertise and give them the best possible advanced automated security services. Thanks to its analysis of corporate data gathered every day, in real time, 24/7, it can shield businesses against sophisticated cyberattacks.

To gain more insights about IT security costs and budgets in businesses, visit the interactive IT Security Calculator. To read the full report “IT Security Economics”, visit our website.