48AF3A60-914C-4C95-B1E0-3397FF00C1E9 Created with sketchtool.
North America, Finance, 4 999 employees
7E919FA3-84AA-4530-B42D-91BADB226992 Created with sketchtool.
  • All
  • APAC & Japan
  • Europe
  • META
  • North America
  • Russia
7E919FA3-84AA-4530-B42D-91BADB226992 Created with sketchtool.
  • All
  • Finance
  • Government
  • Healthcare
  • Industrial/Manufacturing
  • IT & Telecoms
  • Retail & Wholesale
Calculate your company's security profile

This is the ultimate guide to the cost of IT security. Select the details that match your company to see the average budgets your industry peers spend on IT security (by region, industry, size), what security measures they take, the major threat vectors they encounter, how much money they lose as a result, and what you can do to avoid being compromised. The Calculator has been created as an adjustable tool. The data presented can be updated and/or added to over time based on insights from customers and Kaspersky.

IT security budget in 2019
Data provided by 25 respondents*
North America, Finance, 4 999 employees
IT Security budget makes up 20% of the total IT spend
View analytics for previous years
$ 20 065 625
$ 20 065 625
$ 125 000 000
Expected change to IT security budget in three years
+ 11 %
YoY Dynamics
Threats experienced in the last 12 months
Data provided by 26 respondents*
North America, Finance, 4 999 employees
Viruses & malware
Physical loss of devices or media
Phishing / social engineering attacks on accounts
DDoS attacks
Targeted attacks
Inappropriate sharing of data via mobile devices
Inappropriate IT resource use by employees
Incidents involving non-computing connected devices
Cryptomining attacks
Incidents affecting IT Infrastructure hosted by a third party
Incidents affecting third party cloud services used by the business
Data breach
Electronic leakage of data from internal systems
Incidents affecting virtualized environments
Incidents affecting suppliers that the business shares data with
Financial losses due to attacks on ATM
Attacks on point-of-sale (POS) systems
Attacks on core transactional / back office systems
Attacks on online banking services
Any cyberthreat
$ 1 532 534
Average cost of one incident

Companies that rely on monetary transactions for their core business have always been a lucrative target for cybercriminals. With advances in fraud technologies, cybercriminals are switching their focus away from the ‘easy pickings’ of customers to the more challenging but rewarding targets provided by services providers themselves. The most pressing issues for financial services providers are: targeted attacks, embedded systems security (ATMs, POS), the human factor, cloud availability, fraud and ransomware. All interconnected security systems aim to address the rapid detection of sophisticated attacks, but the response and prediction security stages are generally the subject of less attention, while they actually require greater levels of investment. Anti-targeted attack solutions, embedded systems security and specialized solutions for use in datacenters – all of these are ‘must-haves’ for financial services businesses.

High levels of integration between financial systems and the digital economy in the North American region means that monetizing cyber attacks is relatively straight forward. The significant growth of ransomware attacks in North America in recent years is a clear example of this. So all companies in this region should be ready to be an ‘early adopter,’ implementing all the latest IT security technologies such as anti-targeted attack, EDR and threat intelligence as soon as they become available. Financial organizations operating in North America should also pay special attention to cyber incidents resulting or originating from the physical loss of devices or data containing sensitive information, and the inappropriate use of IT resources by employees - in many cases unintentional. Embedded devices are a must-have service for the customers of these financial organizations, but they are also an entry point for targeted attacks. The current security levels for these devices are not usually enough and need to be enriched. In order to minimize the impact IT security incidents may have on suppliers, it is strongly advised that these organizations make cybersecurity awareness training part of employee onboarding and a regular training and development feature.

Want to see more statistics?
Fill out this form to download the «IT security economics in 2019: How businesses are losing money and saving costs amid cyberattacks» report
Download report
Need help with IT security?
Fill out this form and Kaspersky experts will get in touch
Contact me
*These statistics are based on results from an online survey of 4,474 business representatives from companies with up to 4,999 employees around the world, conducted in 2019 by Kaspersky and B2B International. Statistics based on less than 30 respondents should be used with caution, due to this being a low base.

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information

Accept and Close