A new survey has estimated that British businesses spend around £34bn a year ($52.5bn) protecting the country from cyberattacks,
A new survey has estimated that British businesses spend around £34bn a year ($52.5bn) protecting the country from cyberattacks, reports The Telegraph.
According to a new report from research think tank CEBR, £18bn ($27.8bn) of the huge cost can be attributed to loss of revenue, while a further £16bn ($24.7bn) is spent by companies bolstering their defenses and improving existing IT security plans. The effect of this spending is said to be having a significant impact on industry growth, with 7 out of 10 company CTOs (chief technology officers) stating that their cybersecurity policies “stifle” innovation in business.
Although 90% of surveyed CTOs said that they had increased spending to fight cybersecurity breaches, many in British business believe that the government should be shouldering more of the burden. As noted by IT Pro, 60% of of those surveyed said that the government should be doing more to prevent cyberattacks and reduce the financial cost for businesses.
The CEBR report also analyzed the risk facing different sectors of the UK industry, measuring both the increase in spending on IT defenses over the past year and percentage of revenue lost as a result of cyberattacks.
The sector with the biggest rise in IT security spend was utilities, energy and mining, increasing 6% in the past year after a 2.8% loss in revenue. This was followed by financial services (7% and 1.5% respectively) and manufacturing (5% and 2.5%).
British businesses will be hoping that the UK government follows the US, where President Obama recently proposed a 10% increase in cybersecurity spend. Meanwhile, a recent Dell survey concluded that IT security budgets should come from bottom up, informed by those with the necessary IT security knowledge and information.
“Organizations cannot expect to combat today’s increasing cyber threats If important stakeholders, such as the C-level executives and board members, are not adequately informed about their organization’s security strategy, challenges and goals,” said Kevin Hanes, executive director of Security and Risk Consulting for Dell SecureWorks.
