Brazilian firms fail to increase security spend through Covid-19

The majority of companies invests 10% or less of their IT budget in that area, according to new research
Written by Angelica Mari, Contributing Writer

Most Brazilian companies have not increased their investments in information and cyber security since the Covid-19 pandemic emerged despite an increase in threats, according to a new study on perceptions of cybersecurity risk in Latin America since the start of the crisis.

According to the survey, carried out by consulting firm Marsh on behalf of Microsoft, 84% of organizations failed to boost their security spend since March 2020, even though 30% of those polled saw an increase in malicious attacks as a consequence of the novel coronavirus crisis, with phishing and malware being the most frequent types of occurrences.

Despite the increase in security threats, 56% of the Brazilian companies polled currently invest 10% or less of their IT budget in cybersecurity. According to the study, 52% of Brazilian organizations said investment in security has not changed since the start of the pandemic.

In terms of employee practices around security, only 23% of the Brazilian organizations that took part in the study said their workforce is using company-provided equipment to work. At a regional level, 70% of Latin organizations allowed their employees to use their personal devices following the shift to remote working.

According to the study this significantly increased exposure to some type of cyber incident, but remote access security is a priority for only 12% of respondents and the second item on the list for 7% of respondents.

Only a quarter of the Latin companies surveyed increased their cyber security budgets after the pandemic, while the increase in the data protection budget was 26%. Moreover, only 17% of organizations in Latin America have insurance against cyber threats.

"Many results found in this analysis are really worrying, such as the low rates of companies with insurance against cyber risks and security investment", said Marta Schuh, cyber risks superintendent at Marsh Brazil.

"Now that companies are more exposed to remote work and the use of personal devices, it is worrying that few companies have increased their cybersecurity budget after the pandemic and some have even reduced this investment, despite the notable increase in cyber attacks", she added. The study follows the news on massive data leaks in Brazil, which have emerged over recent weeks.

Editorial standards