Less Than Half of Large US Businesses Investing in Cybersecurity Despite Major Concern

Despite the rise in threats to businesses, companies aren't doing enough to protect themselves or their customers.
Jack Turner

Cybersecurity threats are a ticking time-bomb for many companies, and yet mostsmall businesses don’t see it as a main budget priority, an exclusive Tech.co report has revealed.

With cyberattacks on the rise and the average cost of an attack in the millions, safeguarding against issues such as data breaches and ransomware should be a number one concern for businesses of all sizes — but especially large businesses.

While small businesses are the least likely to be protected, large businesses are the most targeted by attackers and, surprisingly, don’t fare much better. 83% of large businesses see security as a significant threat to their business growth. Yet, only 43% of large businesses consider security a top three tech budget priority to invest in.

Tech.co's research has also shown that some industries are more blind to the threat than others, with the likes of the Hospitality, Wholesale and Retail industries burying their heads in the sand, leaving themselves seriously exposed.

View our exclusive data, press release and graphics here

Small Businesses Least Likely to Understand Cybersecurity Threat

Whilst cybersecurity is a hot topic among all companies, regardless of size, it’s small companies that are least likely to invest in the tech to protect themselves, despite recognising the risks.

When Tech.co surveyed businesses on the matter, 71% saw cybersecurity as a significant threat to their growth, including 63% of small businesses. And yet despite this, fewer than 30% of small businesses named security as a priority for investment, with financial, productivity, and customer relationship management software considered more important.

This is at odds with medium and large businesses, who were more likely to recognize the threat of cybersecurity to their growth (78% and 83% respectively) and mark it as a top three priority in their budgeting (36% and 43% respectively).

Large Businesses Have the Most to Lose

While cybersecurity risks are major concern for all companies, it's larger businesses who have the most to lose, literally.

A cyberattack at a big firm can be a huge payday for cyber criminals, and it's becoming increasingly common for such attacks to make the news.

An attack on Yahoo in 2013 is thought to have impacted 3 billion accounts. Last year, LinkedIn was the victim on a breach that saw 700 million users affected.

With such huge rewards for cyber criminals, be it in data or ransom payments, we can't expect these attacks to slow anytime soon.

The Industries Least Concerned About Cybersecurity

Tech.co data reveals a shocking disparity in concern between industries, with some sectors worryingly ignorant to cybersecurity risks, despite the fact that the average cost of a cybersecurity breach is estimated to be around $4.24 million.

Those working in Engineering or Architecture (57%), Utilities (57%) and Legal (54%) are most aware of the need to prioritize a security system, while those least likely to budget for security were the Hospitality (13%), Wholesale (19%) and Retail (24%) industries. Unsurprisingly, these latter three industries were also more likely to claim that cybersecurity isn't a critical threat to their growth – just 8% of hospitality industry respondents considered cybersecurity to be a critical threat.

Without a doubt, this demonstrates a false sense of security – and by some margin. In 2018 alone, 514 million hotel records were stolen globally. A 2019 report stated that the industry was the third highest industry to be compromised, with two thirds of these attacks targeting corporate servers. The Wholesale and Retail industries are also at risk. Attacks in the Retail sector are up 21%, with three quarters of Retail organizations reporting a significant loss in revenue after a ransomware infection.

Industries most and least likely to invest in cybersecurity

Among the other industries which reported a low level of investment in cybersecurity tech were Accounting and Education.

Only 25% of those working in Accounting would place Cybersecurity in their top three investment priorities, despite the fact that accounting firms are currently facing a 300% increase in attacks.

Of those in the Education sector that Tech.co surveyed, only 27% stated that cybersecurity was a top budget priority, and only 12% recognized it as a critical threat to growth. This is perhaps surprising given the large number of high profile ransomware cases that have hit the news in recent years in this industry, costing US schools and colleges $3.5 billion in 2021 alone. In some of the worst cases, attacks have crippled venues, with the 157 year old Lincoln College attributing cybersecurity as a factor in it closing its doors for good.

Cybersecurity Solutions

Keeping up with the latest cybersecurity can feel like constantly playing catch up, with new virus variants, data breaches and ransomware attacks being reported every day. However, tech has made this task easier than ever, and investing in robust solutions such as antivirus software and password managers can severely mitigate the risks.

49% of businesses surveyed by Tech.co reported using antivirus software to protect their business assets, and 80% were happy that this solved the challenges they had been facing. What’s more, businesses who chose to invest in antivirus software were more likely to also report that they were exceeding their business growth goals. On the flip side, over half of the businesses we spoke to were at risk from viruses, and antivirus software can’t solve all business security concerns alone.

Again, certain industries showed signs of being more behind than others, for example, only 25% of the Accounting industry reported using antivirus software, compared to 69% of those in the Legal profession.

Password managers can be another lifeline for employees. These reduce the risk of poor, easy-to-hack and repeated passwords, and they can also alert users about compromised credentials. 32% of those Tech.co spoke to had a password manager solution in place already, but some of the lowest use was seen in the most at-risk industries. Hospitality stood out once more, as only 7% of those in the industry stated they use password managers.

With cybersecurity threats on the rise, and exacerbated by a more vulnerable workforce due to the widespread adoption of hybrid working, attacks for many companies aren't so much a case of ‘if', but ‘when'. Preparing and raising digital defenses can deflect a lot of these attacks, but companies that don't invest in security now are likely to pay a much higher price in the long run.

This article was last updated on:
Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Jack is the Deputy Editor for Tech.co. He has been writing about a broad variety of technology subjects for over a decade, both in print and online, including laptops and tablets, gaming, and tech scams. As well as years of experience reviewing the latest tech devices, Jack has also conducted investigative research into a number of tech-related issues, including privacy and fraud.

Explore More See all news
close Thinking about your online privacy? NordVPN is Tech.co's top-rated VPN service See Deals