Strategy Note /

Investing in Cyber Resilience: Strategy, Spend, and the Search for Value

  • Cyber budgets are set to rise – on average by 15% in the next three years, but is that enough given the climate?

  • Just 56% of C-suite executives are confident their cyber investments are going to the right places

  • 80% reported their business has experienced a significant cyber incident. Now is the time to invest in cyber resilience

3 December 2021
Published byS-RM

Cyber budgets are set to rise over the next three years. However, the fast-changing threat landscape, a hardening insurance market and hybrid working models are all factors putting pressure on companies to make the right investment choices and improve their cyber resilience.

We surveyed 600 senior leaders and IT decision makers to learn where cyber budgets can be best invested, and how organisations can set their cyber strategies up for success. Here are our key findings.

Cyber budgets are on the rise but are they behind the curve?

The pandemic put a pause on cyber spend with budgets increasing on average less than 1% during the period. They are now set to rise by an average of 8% in the next 12 months. However, the rate and cost of cybercrime are also increasing. With insurance markets hardening, making it more difficult to transfer cyber risk to a third party, investing in organisational resilience has never been more important.

Strategy implementation creates value for money

51% of companies said they are yet to fully implement and roll out a cyber security strategy. Those that have, see greater value for money in their cyber investments – from technology to training.

Hybrid working continues to be a challenge

The shift to hybrid working models during the COVID-19 pandemic triggered 95% of companies to change their cyber incident response plans either in part or completely to evolve with new ways of working. But hybrid working remains the top-ranking concern for cyber decision makers, where 42% grapple with the tension between keeping the wider business running smoothly and staying on top of cyber security priorities.

Discover the full research findings: