Security spend on antivirus should not be limited in favor of more law enforcement due to difficulties keeping up with cybercriminals and the large amount of sensitive data, note security watchers, who advise a holistic allocation of resources to budget, international laws and education.
While detection and enforcement need to be "dramatically improved", cybercrime is often conducted in jurisdiction where timely extradition, trial and punishment in a cost-effective manner are difficult and, hence, ineffective as a deterrent, noted Mark Bower, vice president of Voltage Security.
The criminals know this and exploit the situation, operating at arm's length of the law, he added. As such, the public should not expect too much of governments regarding how fast they react to cybercrimes, how operations should be funded to detect and respond to such activities, and how law enforcement keep up with the innovation criminals have access to, Bower explained.
At the same time, there is also too much high-risk information available in government systems so it will not be wise to reduce expenditures on technical information, he added.
Nick Hayes, senior researcher of security and risk at Forrester Research, agreed reducing spend on ensuring proper technical information was a bad idea. Technical tools can enhance an organization's security posture and increase visibility into their network, he explained.
However, Hayes maintained technical tools are only "a piece of the cybersecurity puzzle"--an organization need a holistic program which utilizes all forms of prevention, detection, and enforcement to most effectively prevent threats in today's world.
The University of Cambridge, approached by U.K.'s Ministry of Defense, conducted a cybercrime study last month which revealed the country spent almost £640 million (US$993 million) on cybercrimes but less than £10 million (US$15.5 million) on cybercrime law enforcement.
"Some police forces believe the problem is too large to tackle," Ross Anderson, the study's lead author told the BBC in a report. "In fact, a small number of gangs lie behind many incidents and locking them up would be far more effective than telling the public to fit an anti-phishing toolbar or purchase anti-virus software."
Not focus on balanced budgets but policies
When organizations try to calculate their security budgets, they often struggle to measure the potential impact and likelihood of a security breach, noted Andrew Rose, principal analyst of security and risk at Forrester Research.
At a government level, this becomes almost impossible to quantify, he added.
Cybercriminals inhabit regions across the globe which makes policing and apprehending them a challenging proposition, Rose reiterated.
Governments therefore should consider more than just prevention, detection and recovery from cyberattacks, and also focus on building national and international laws which can deal with attackers as well as political influence to manage the situation should it transpire the attack is a fellow nation state, he suggested.
He added that a national level of protection from cyberattacks will be heightened when all critical sectors such as banking, utilities, legal and manufacturing practiced self-protection and shared information about threats and attacks.
Rose said: "This isn't an issue that can be solved just with technology. Governments need to invest in education and awareness at board level to ensure the industry is aware of the risks and acting appropriately."