Why some companies are investing over $1 billion on cybersecurity annually

As companies continue to shift more of their operations online, and modern technology advances, the risk of cyberattacks dramatically increases.

To combat this, companies such as Bank of America are allocating more of their budgets towards cybersecurity. Bank of America CEO Brian Moynihan recently told CNBC’s “Squawk Box” that the company is currently spending over $1 billion annually on cybersecurity alone.

Moynihan also expressed how much Bank of America has increased cybersecurity spending since he accepted his position 11 years ago. According to Moynihan, Bank of America has more than doubled how much they spend on cybersecurity since he first began working at Bank of America.

This comes as no surprise to experts in the cybersecurity field because it has become exponentially harder to keep up with modern technology. With more operations online, companies are more vulnerable than ever to cyberattacks.

Bank of America is not alone in wanting their company to be protected from cyberattacks. Many other companies have also increased their security budget to combat the rise in cyberattacks. Among those raising their cybersecurity budget is Microsoft, a massive technology company.

Similar to Bank of America, Microsoft has also stated that they are currently spending over $1 billion per year on cybersecurity.

Microsoft’s CEO Satya Nadella understands the severity of the risks associated with cybersecurity and how vital cybersecurity is for the company’s success.

“Cybersecurity is the central challenge of the digital age,” Nadella wrote on Twitter.

According to Microsoft’s data, the number of cyberattacks per week has risen from 20,000 to 600,000-700,000 in the past three years. Although such an exponential increase might seem rare, many other companies across America are experiencing similar upsurges in cyberattacks.

Much like CEOs and business leaders, the U.S. government also recognizes the immense threat companies face in the cyber world.

The White House issued a memo strongly advising business leaders to improve their cybersecurity. This statement was released from The White House as a result of the increasing number of cyberattacks that have hit private companies this year.

One of the latest cyberattacks that prompted the U.S. government to urge private businesses to increase their cybersecurity was a ransom attack on Colonial Pipeline in early May this year.

Cybercriminals by the name ‘Darkside’ demanded almost $5 million in exchange for the release of Colonial Pipeline’s data, one source told CNBC news.

DarkSide’s ransomware attack on Colonial Pipeline caused the company’s system to become inoperable until money was paid to the hackers. This resulted in a major oil shortage of gasoline across the Southeast of the United States and interfered with airlines nationally.

It is speculated by the FBI that the hacker group ‘DarkSide’ is selling this software to their cybercriminal associates who then execute the cyberattacks on companies. This is what is believed to have happened in the Colonial Pipeline incident.

Many other companies have fallen victim to these cybercriminal’s software, which is what has prompted the U.S. government to get involved and speak on this issue.

“All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” said Anne Neuberger, the deputy national security advisor for cyber and emerging technology.

Neuberger also urged companies to regularly test their systems and efficiency of the cybersecurity in place. With the rapid speed that technology is advancing, frequently having comprehensive assessments on cybersecurity may just be the solution.

Hiring a cybersecurity firm that only does the bare minimum for your company is no longer sufficient. As a result, companies are starting to take a more hands-on approach to cybersecurity.

It is crucial that companies are informed of security risks before the attacker strikes, and before it is too late to prevent a cyberattack. Zyston, a cybersecurity firm based in Dallas, TX, is already helping companies do just that.

With extensive monthly reports on cybersecurity, client program managers, advisory services, and more, Zyston is able to protect companies from cyberattacks. Zyston also offers their specialized cybersecurity assessment CyberCAST, which provides ‘a quantitative security risk score along with industry comparative benchmarks, and both a strategic and tactical roadmap to improve that score’ to their clients.

Zyston promises their clients that their services go ‘beyond the alert’, providing companies with the level of security the U.S. government is urging companies to seek immediately.

These services are seen as essential to both Zyston and the government, but this level of protection against cyberattacks does require companies to increase the amount they spend on cybersecurity. While this may be difficult, it is vital to both the safety and success of companies both small and large.

Because of how important it is to have reliable cybersecurity in place, it is no surprise that companies like Bank of America are investing more into protecting their company’s online assets.

Doing so requires more than just a small fraction of a company’s I.T. budget. This is why so many companies are spending more on their cybersecurity. They recognize how vital it is to the success and longevity of a business.

While smaller businesses do not require a $1 billion budget to protect their systems against cyberattacks, they should be cognizant of the immense threat their security is under. The fact is, what a company needs to spend on cybersecurity is only going to increase as time passes.

CyberCAST Security Snapshot
CyberCast Security Reporting

Security reporting that speaks business

Zyston CyberCAST brings the world of cybersecurity metrics up out of the weeds and into the hands of executive decision makers so nothing gets lost in translation. With CyberCAST, your organization gets clear visibility on security risks and also how your organization scores against your industry peers.

Security Maturity 80% | Peer Benchmark

NIST Security Score

Get Your Security Score!

CyberCast MSSP MDR Security Report