Home Technology Cyber budgets actually shrank during the pandemic, despite 79% of UK enterprises having experienced a serious incident
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Cyber budgets actually shrank during the pandemic, despite 79% of UK enterprises having experienced a serious incident

by wrich

Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real terms’ during 2022 – leading to increased cyber vulnerability 


Thursday 11 November 2021 – The cyber budgets of UK enterprises actually shrank (-1%) during the pandemic, according to their cyber budget holders. This left cyber spend stagnating at an average of around £18 million ($24.9 million) for the 2021 financial year. This is despite the fact that 79% reported having suffered a major cyber incident. Of this group, the majority (73%) had experienced an incident in the past three years. 


Over half (54%) of organisations either ‘hit pause’ or decreased their cyber budgets during the pandemic. Now, IT leaders expect to increase their cyber budget by an average of 7.4% in the next twelve months, taking the average budget to £19.4 million. But taking into account inflation, which is currently 3%, this still may not be enough to make up for lost time during the pandemic. If this trend continues, a cyber spending ‘deficit’ will emerge that makes businesses more vulnerable to cyber incidents, as attacks become more frequent and more sophisticated.  


The problem is compounded by a lack of confidence among decision makers in how they spend their cyber budgets: 

  • 40% said their organisation needed a better understanding of how to prioritise areas for cyber investment.  
  • Half (50%) reported they had a cyber strategy but had not been able to fully implement it – meaning that cyber investments are not realising their full potential.  


“Businesses need to act now to lock in their cyber spending for next year,” said Jamie Smith, Head of Cyber Security at S-RM. “The readiness with which we saw businesses pull back their budgets during the pandemic is concerning. Next year’s cyber budgets cannot be futureproofed against all forms of disruption, but there are trends business leaders should watch closely. A major one is the rising cost of cyber insurance – premiums are going up. This is because cyberattacks are becoming more frequent. What’s more, insurers are looking to reduce the risk they take on when they provide cyber policies. As a result, insurers want companies to prove how cyber resilient they are before providing cover.” 


“UK cyber budgets shrunk at a time when the cost of cybercrime and frequency of attacks is increasing at an alarming rate. The average immediate damage of a cyber incident is in the region of £1.3 million. But the secondary costs like higher insurance premiums and recovery services can more than double this.”  


“Businesses have been failing to keep pace, and if they don’t commit to strategic investment in their cyber security, they risk serious financial and reputational damage.” 


The analysis, developed by S-RM, will guide UK organisations who are looking to utilise their cyber spend more effectively. It also found a clear correlation in the data which suggests that cyber confidence comes from the top. Businesses with boards who had a highly proactive approach to cyber security were more likely to say they are investing cyber budget in all the right places (73%) compared to those who do not experience proactive support from the top (44%). 


You may also like