Published: January 21st, 2013

An international study of IT professionals on security issues by Russian security vendor Kaspersky Lab found that the average medium-sized business is spending just over $90,000 every year on IT security, which works out to about $49.61 per employee.

When it comes to breaking down that investment, anti-malware is the most popular security measure, implemented by 67 per cent of businesses. Patch management was next at 62 per cent, followed by access control, separation of critical infrastructure and data encryption, all of which scored under 40 per cent.

RELATED STORY: Kaspersky’s channel chief gets a promotion

What’s driving this investment? Some 35 per cent of IT specialists said they’d lost business data due to malware infection, and half of respondents named cyber-threats as one of the most pressing risks to their business today, just behind economic uncertainty.

Drilling down into specific IT concerns, preventing IT security breaches was named the top concern by 31 per cent of IT pros, followed by data protection at 27 per cent. Budget constraints were identified as a key obstacle to IT security, as well as a lack of understanding of security issues by those holding the purse strings and a lack of knowledgeable staff.

Finally, IT professionals have some concerns when it comes to incorporating mobile devices into the business environment. Some 58 per cent said use of social media by employees poses a business risk, while 55 per cent were “much more” concerned about mobile device security than they were a year ago.