48AF3A60-914C-4C95-B1E0-3397FF00C1E9 Created with sketchtool.
Calculator
Europe, Retail & Wholesale, 4 999 employees
7E919FA3-84AA-4530-B42D-91BADB226992 Created with sketchtool.
  • All
  • APAC
  • China
  • Europe
  • Japan
  • LATAM
  • META
  • North America
  • Russia
7E919FA3-84AA-4530-B42D-91BADB226992 Created with sketchtool.
  • All
  • Financial Services
  • Government
  • Industrial/Manufacturing
  • IT & Telecoms
  • Retail & Wholesale
$
Calculate
Calculate your company's security profile

This is the ultimate guide to the cost of IT security. Select the details that match your company to see the average budgets your industry peers spend on IT security (by region, industry, size), what security measures they take, the major threat vectors they encounter, how much money they lose as a result, and what you can do to avoid being compromised. The Calculator has been created as an adjustable tool. The data presented can be updated and/or added to over time based on insights from customers and Kaspersky.

IT security budget in 2021

Data provided by 35 respondents*
Europe, Retail & Wholesale, 4 999 employees
IT Security budget makes up 26% of the total IT spend
View analytics for previous years
average
$ 6 038 566
average
$ 6 038 566
max
$ 82 500 000
2021
2024
Expected change to IT security budget in three years
+ 8 %
year
2021
2024
YoY Dynamics
Find out data for my company

Threats experienced in the last 12 months

Data provided by 35 respondents*
Europe, Retail & Wholesale, 4 999 employees
43%
Data breach
37%
Malware infection of BYOD devices
31%
Targeted attacks
31%
Incidents involving non-computing connected devices
29%
Physical loss of company owned mobile devices exposing the organization to risk
29%
IT Security policies violation by employees
26%
Cryptomalware/ransomware
26%
Electronic leakage of data from internal systems
26%
Inappropriate IT resource use by employees
26%
Cryptomining attacks
26%
Attacks on point-of-sale (POS) systems
26%
Phishing / social engineering attacks on accounts
23%
Attacks on local / branch offices of our company
23%
Fileless attacks
23%
Incidents affecting virtualized environments
23%
Incidents affecting IT Infrastructure hosted by a third party
23%
Incidents affecting suppliers that the business shares data with
20%
Inappropriate sharing of data via mobile devices
20%
Incidents affecting third party cloud services used by the business
20%
DDoS attacks
17%
Viruses & malware
17%
Physical loss of BYOD devices
14%
Physical loss of devices or media
14%
Supply chain attacks
71%
Any cyberthreat
$ 353 800
Average cost of one incident

Security measures in place

Data provided by 23 respondents*
Europe, Retail & Wholesale, 4 999 employees
60%
Endpoint Protection**
87%
Fraud Prevention
87%
Web Security
83%
Network Securitу
83%
Cloud Workload Security
83%
Services - Managed Detection & Response
78%
Mobile Security
78%
Services - Security Assessment
78%
Security solutions specifically designed for SaaS applications
78%
Storage array / network attached storage security software
74%
Services - Threat intelligence
74%
Messaging Security
74%
Network Sandboxing
74%
Security for Virtualization
70%
Endpoint detection & response (EDR)
70%
Industrial Cybersecurity
70%
IoT - Transportation Security
70%
Container Security
70%
Anti-DDoS Protection
70%
Services - Incident Response
65%
Services - Security Education & Training
61%
SIEM
57%
SOAR
52%
Advanced Persistent Threat (APT) Protection
Recommendations

Retail and wholesale companies rely heavily on the staff they employ. In the digital age, they encounter cyberthreats such as malware, the inappropriate use of IT infrastructure by staff, and the physical loss of devices or media containing sensitive data. While the malware threat can be effectively mitigated by up-to-date information security solutions, including security solutions for POS terminals, the only way to improve the IT security performance of staff is through regular cyber-awareness training.

Retail and wholesale companies in Europe often encounter incidents with virtual infrastructure, and involving suppliers with which they share data or third-party cloud services. In addition to that, recent incidents with ransomware have highlighted the weak points in cyber defenses. The recommendations here include building an extra layer of defense with cloud security solutions, enforcing the encryption of data in motion, and the deployment of virtualization-optimized solutions that ensure protection without hindering performance. It's also important that IT systems are protected with security solutions which have proven to be effective against ransomware and allow organizations to comply with data protection regulations – especially as the GDPR will soon be enforceable in Europe.

Want to see more statistics?
Fill out this form to download the report “IT Security Economics 2021: Managing the trend of growing IT complexity”
Download report
Need help with IT security?
Fill out this form and Kaspersky experts will get in touch
Contact me

*These statistics are based on results from an online survey of 3,063 business representatives from companies with 50 and up to 4,999 employees around the world, conducted in 2021 by Kaspersky and B2B International. Statistics based on less than 30 respondents should be used with caution, due to this being a low base.

** The methodology for measuring endpoint protection represents the penetration of endpoint protection in businesses meaning the proportion of corporate endpoints (both physical devices and virtual endpoints) that have endpoint security software installed in the average organization of this vertical and segment

© 2021 AO Kaspersky Lab. All Rights Reserved.

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information

Accept and Close