The average budget required to recover from a security breach

The average budget required to recover from a security breach is $551,000 USD for enterprises, and $38,000 for small and medium businesses according to Kaspersky Lab.

Based on a worldwide survey of 5,500 companies conducted in cooperation with B2B International, the study concluded that the most expensive types of security breach are employee fraud, cyber-espionage, network intrusion and the failure of third-party suppliers.

Nine out of ten companies that took part in the survey reported at least one security incident, but not all of these were serious or led to the loss of sensitive data. The results show that breaches most frequently resulted from malware attacks, phishing, data leaks by employees and the exploitation of vulnerable software.

Cost estimates provide a new perspective on the severity of IT security incidents, and the findings show that the outlook for SMBs and enterprises differs slightly. Large companies pay significantly more when a security breach results from the failure of a trusted third party. Other expensive types of breach include fraud by employees, cyber-espionage and network intrusion.

The average enterprise bill and probability of some of the consequences break down as follows:


By comparison, SMBs tend to lose a significant amount of money on almost all types of breach, paying a similarly high price to recover from acts of espionage as well as from DDoS and phishing attacks.

“We haven’t seen too many reports on the consequences of IT security breaches, estimating a loss in real money. It’s hard to come up with a reliable method of producing an average, but we understood we had to do it to bridge the theory of the corporate threat landscape with business practice. As a result, we have a list of corporate threats that caused the most significant damage – the ones we believe businesses should pay the utmost attention to,” commented Brian Burke, Head of Market Intelligence Team, Kaspersky Lab.

The survey's methodology relied on data from previous years to pinpoint the areas where companies have to spend money following a breach, or lose money as a result of one. Typically, businesses have to spend more on professional services (such as external IT experts, lawyers and consultants) and earn less because of lost business opportunities and downtime.