By Rob Cataldo, Managing Director for Kaspersky North America

One of the biggest conversations organizations have when planning for the year ahead centers around the main business objectives they would like to achieve and the financing they will have to get them there. While discussions around budget are far from anyone's favorite topic to talk about, they are necessary to have in departments company wide, including cybersecurity.

Given the growing prevalence and complexities around cyber threats and our role as a vendor, the leaders at Kaspersky were interested to learn more about how businesses are prioritizing cybersecurity in terms of budgeting, cyber insurance and their relationships with vendors. We commissioned a survey to hear from IT decision makers in the U.S. and Canada for insight into what cybersecurity vendors should expect in the year ahead.

Budgets will increase in 2022, but how much?

If there is one thing that was clear from the research it is that respondents overwhelmingly agreed (86%) that their organization intends to set aside budget for cybersecurity when planning for 2022. Up to 85% of respondents reported that their organization's budget would increase up to 50% in 2022, with the majority (15%) saying their budgets would increase by 11-15%.

While this upwards trend in budget is not a surprise, many experts agree that the industry at large is facing a slight reduction in average growth rate due to the economic consequences of the COVID-19 pandemic. Regardless, even modest growth of an industry as large as cybersecurity is an important trend and puts healthy pressure on vendors to meet market needs with value.

Cyber insurance is becoming more widely accepted

Cyber insurance is a newer concept in the cybersecurity industry that allows businesses to hold a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related attack, breach, etc. Policies can be built for certain budgets and industries, and while not all are alike, many policies require a certain level of qualifications to obtain cyber insurance.

When it comes to how IT decision makers are prioritizing cyber insurance, the survey concluded that 28% of participating companies annually invest anywhere from $25K-$50k per year in cyber insurance. In addition, the top three criteria organizations said they would be willing to meet in order to obtain cyber insurance include security controls (70%), compliance (52%) and education (44%).

This willingness to allocate budget and even adhere to certain requirements in order to be qualified for cyber insurance will be a key trend we expect to see grow in 2022 and the years to come.

Trust in vendors is as important as ever

When it comes to choosing a cybersecurity vendor, the weight this decision holds is becoming increasingly important for both vendors and clients. The reason for this is that the research shows that if a cyberattack were to occur, organizations are most likely to blame vendors (25%) followed by their internal IT team as a close second (23%). In the same breath, 41% of IT decision makers also said they would ask their cybersecurity vendor for more recommendations on what their organization could or should do to avoid potential cyberattacks if they were affected by one. As a vendor, this is an important insight to be aware of because while businesses are more likely to place blame on them for a cyberattack hitting their organization, they will still likely turn to them for advice on how to prevent one from occurring in the future.

As we set our sights on a secure and prosperous 2022, the aforementioned trends are vital to consider when approaching existing and potential customers. In doing so, vendors will be better positioned to understand their needs and speak more relevantly to their immediate cybersecurity priorities.

##

ABOUT THE AUTHOR

Rob Cataldo, Managing Director, Kaspersky North America

As managing director of the region, Rob is responsible for the company's sales, business development and marketing functions as well as achieving the company's objectives for growth in market shares and profitability. Rob shares management oversight and responsibility for the public relations, customer support, finance, human resources and information technology departments.

Rob brings more than two decades of sales experience to his new role with prior positions held at impressive technology organizations, including Bromium, Gryphon Networks and Sophos. Preceding his role as managing director, Rob was vice president of enterprise sales at Kaspersky North America, during which he was responsible for securing enterprise customer wins and managing the B2B sales team.