Firms to increase cybersecurity spend despite uncertainty

The majority of global firms expect their cybersecurity budgets to grow despite ongoing economic uncertainty, according to the results of a survey carried out by Arctic Wolf. 

More than half (57%) of the senior IT and cybersecurity representatives from surveyed companies said their spend on cybersecurity would increase in 2023.

What's more, 15% of those expected their cyber budgets to balloon by 50% or more compared to 2022, when only 7% expected such a dramatic increase.

It comes as a majority of respondents (55%) also reported that their organisations suffered a ransomware attack last year. Almost three-quarters (74%) of those claimed to have paid some form of ransom.

Christopher Fielder, Field CTO at Arctic Wolf, said: "With half of organisations surveyed claiming to have experienced a data breach last year, it is easy to understand why, despite a tumultuous economic climate, the majority of businesses plan to increase their cybersecurity spending in the coming year."

For its 2023 State of Cybersecurity report, Arctic Wolf spoke to more than 700 IT employees at director level and above based in the US, the UK, Canada, South Africa, Germany, Austria, Switzerland, Australia, New Zealand, Norway, Sweden, Denmark and Finland. 

Hundreds of companies still unable to spend big on cyber 

Arctic Wolf's study has demonstrated the growing willingness of businesses to spend big and take necessary risks when it comes to cybersecurity.

But, of the 43% of respondents who said their cyber budget would not grow this year, many believed this had little to do with being well prepared. 

Instead, writes Arctic Wolf in its report, many individuals tasked with budgeting are locked into situations where an increase is simply not possible.

This could be due to a lack of available funds or not receiving leadership approval for budgetary increases. 

Researchers contend that organisations are putting themselves in a reactive cycle, where more time and funds are being spent reacting to threats instead of proactively reducing the risk of future threats.

Ransomware attacks and data breaches are cause for concern

The significant proportion of companies which suffered ransomware attacks last year may go some way towards explaining bigger spends on cybersecurity in 2023. 

Moreover, exactly half of organisations surveyed revealed they had suffered a data breach last year.

However, 72% chose not to disclose the relevant information out of fear of damage to company reputation, concerns over career consequences, worries over potential follow-up breaches, fear of the impact to the organisation’s cyber insurance premiums, or because they were not legally obligated to share.

Another key finding was that less than two in five (38%) respondents believe their cloud resources are secured properly, highlighting cloud security as the biggest area of concern, followed by vulnerabilities and patching (25%).

Sixty-eight per cent of surveyed firms identified staffing issues the number one threat to achieving their cyber objectives. 

“We believe the insights found within our report are a true pulse for the current state of cybersecurity and will help decision-makers better understand the security priorities and challenges of their peers," adds Fielder.

"While we are encouraged by the overall trends in the report, it is clear that perennial challenges remain for cybersecurity professionals, including staff shortages, securing new attack surfaces and preventing ransomware attacks.”

Read the full report: The State of Cybersecurity 2023 Trends