Organisations struggle to contain IT security budgets
Dimitris Raekos, GM, ESET Middle East discusses how organisations are coping with escalating costs of cyber defence
How much is enough to spend on security is the subject of constant debate in many an IT departments.
Organisations struggle to determine how much to spend on IT security as no one wants to pay more than they have to, notes Dimitris Raekos, general manager, ESET Middle East. “However, investing in IT security is essential, given the potential costs to your business of a digital intrusion – in terms of physical and reputational damage, not to mention the costs of recovery,” he adds.
Organisations should consider IT Security spending as an investment and look for operational benefits and ROI in a reasonable period of time, Raekos advices.
“Nevertheless, high level of protection should not always be related to the cost of the solutions and to brand names, actually high level of protection comes with the use of advanced technology and the cyber security experts advisory and technical consulting,” he adds.
Cybercrime is a today multibillion dollar global criminal enterprise with the Middle East region a popular target for cyber criminals.
Cyberattacks cost Gulf States US$1 billion annually, without taking into account incurred losses from hacker group's attacks such as the Desert Falcons that target businesses, notes Dimitris Raekos, general manager, ESET Middle East.
The Middle East cyber security market is expected to be valued at US$9.56 billion by 2019 with an estimated Compound Annual Growth Rate (CAGR) of 13.07%% from 2014 to 2019 according to a recent report of Frost & Sullivan. Meanwhile, the GCC countries are among the frontrunners in cyber-security readiness globally, as the region's network security spend is expected to grow from $340 million in 2012 to $1 billion by 2018.
Furthermore, according to PricewaterhouseCoopers Middle East Economic Crime Survey 2016, cybercrime remains the second most reported economic crime wherein 30% of the organisations have been affected and 39% of the enterprises think they will be affected in the next two years.
Therefore, to prevent losses cause by cybercrimes, it is important that governments and companies plan, manage and implement preventive measures against potential threats and attacks, Raekos says.
While it is difficult to figure out how much a company should spend on IT security, CIOs should balance the needs and requirements of the organisation with an aim to deliver more long-term value by minimising capital expenditure and operational costs wherever possible, says Raekos.
“Nonetheless, with the rise in security breaches and cybercrimes, CIOs should be spending more on security and boost security measures and spending to mitigate the risk to their businesses,” he adds.
IT security teams are hampered by the staggering forms of malware. From a resurgent ransomware scene, to identity theft, personal data theft to DDoS attacks, spam and phishing. The increasing instances of cybercrimes are affecting everyone, across the globe and industries, says Raekos.
The number of security breaches has clearly increased, leaving organisations vulnerable. There are various factors leading to the rise of cyberattacks and one of the causes is that not many organisations are investing or are unable to spend on information security, says Raekos.
As a result, organisations are left open to more vulnerability to cyber-attacks. Additionally, the increasing usage of smart devices at workplaces and the lack of security available on these devices make them an easy target for cyberattacks within the organisation network, he adds.
“Insecure systems and networks if not protected and managed well in the long-run are always costly and damaging. Hence, it is vital that companies recognise information security as the key pillar of overall business risk management,” Raekos says.
It is up to vendors such as ESET to offer the solutions and the technical know-how to strike the right balance between spending on IT security and maintaining a robust defence mechanism.
Raekos says ESET endeavours to cater to customers’ various needs via solutions that range from endpoint, mobile devices, and several antimalware, antispyware and other solutions such as data encryption, disaster recovery and secure authentication.
“Over 100 million users utilise ESET solutions across the globe, and to mitigate cyber threats in a cost-effective way, ESET offers cloud-computing and next generation products for businesses – with ESET Endpoint Security and ESET Endpoint Antivirus,” Raekos says.
ESET’ cloud solutions help organisations to fight cyber threats in a less expensive manner that are affordable and effective to mitigate threats, he adds.
Never has breaches been so damaging.
Cybercrime is a constantly evolving threat; hence, it becomes even more important for organisations to identify vulnerabilities in order to put in place strong security infrastructure and to mitigate users’ risks from cyberattacks, says Raekos.
“Poor cybersecurity frameworks can cause significant financial and operational costs, however, apart from these there are other unforeseen costs that organisations face, such as brand reputation and image (companies’ good will) and can have negative impact if hit by cyberattacks. Such scenarios will impact an organisations’ brand value as it may lose its stakeholders and customers,” he adds.
Furthermore, badly managed cybersecurity whereby a company fails to protect important information and sensitive data can lead to loss of trust from clients and customers alike, which may hit an organisations bottom line, Raekos notes.