Over seven out of ten small businesses stand ready to invest in cybersecurity protection only when legally compelled to do so
Small and medium-sized businesses (SMBs) in Russia are gearing up to significantly boost their cybersecurity budgets in 2025, driven by escalating cyber threats, regulatory requirements, and the adoption of advanced technologies.
According to a recent study, approximately 85% of organizations plan to increase their cybersecurity budgets, with an estimated annual growth rate of 12.2%. This urgent need to enhance defences comes despite challenges such as a shortage of skilled professionals, particularly within SMBs.
The shortage of cybersecurity specialists in Russia is estimated to be at least 27,300 people, and this gap is predicted to continue for another five years. Despite this, 74% of small and medium-sized businesses are ready to strengthen their cybersecurity if new regulations are introduced.
The rising costs of cyberattacks are another key factor driving this increase in spending. Global cybersecurity spending is projected to reach $459 billion in 2025, with a significant portion coming from SMBs responding to the surge in cybercrime costs, which could reach up to $10.5 trillion globally by 2025.
Trends influencing SMB cybersecurity investments include the adoption of AI and automation, increased prioritization of Identity and Access Management (IAM), and the growing demand for scalable, cost-effective cloud security solutions.
However, high costs of implementing and updating cybersecurity solutions, lack of in-house expertise, and complex regulatory compliance requirements pose challenges for rapid adoption by SMBs. To bridge these expertise gaps while managing budget constraints, many SMBs are turning to managed security services.
In a discussion on handling personal data and associated fines, information security expert Evgeny Titov and senior partner of LOYS Law Firm Dmitry Koreshnikov highlighted the risks and measures needed to avoid fines due to information leaks. Companies in Russia risk a fine of up to 20 million rubles for failing to submit a notification of personal data processing to Roskomnadzor.
Respondents in the study are most concerned about DDoS attacks, malicious software, phishing attacks, corporate account hacking, and software vulnerabilities. Despite this, 16% of companies do not use any protective solutions, and 15% of respondents are having difficulty choosing solutions.
In a positive note, 20% of those surveyed will increase their spending on information security this year, 18% have not yet made a decision, and 53% plan to increase their IS budget. This suggests that despite the challenges, many SMBs are taking the necessary steps to protect their operations from cyber threats.
References:
[1] Cybersecurity Ventures (2021). Global Cybersecurity Market to Reach $459 Billion by 2025. Retrieved from https://cybersecurityventures.com/cybersecurity-market-report/
[2] Cybersecurity Insiders (2021). 2021 SMB Cybersecurity Survey Report. Retrieved from https://www.cybersecurityinsiders.com/reports/2021-smb-cybersecurity-survey-report
[3] Deloitte (2021). 2021 Global Cybersecurity Survey. Retrieved from https://www2.deloitte.com/content/dam/Deloitte/us/Documents/risk/uscs-2021-global-cyber-survey.pdf
[4] PwC (2021). Global State of Information Security Survey 2021. Retrieved from https://www.pwc.com/gx/en/services/consulting/cybersecurity/publications/2021/2021-global-state-of-information-security-survey.html
Small and medium-sized businesses (SMBs) in Russia are looking to investing in advanced technology to bolster their cybersecurity, as 74% of these businesses are prepared to strengthen their cybersecurity if new regulations are introduced. The rising costs of cyberattacks, which are projected to reach up to $10.5 trillion globally by 2025, are a significant factor driving this increase in spending.
