How much should you spend on cybersecurity?

A little over a year ago, Bank of America Corp. CEO Brian Moynihan put a price tag on how much the financial institution values cybersecurity: priceless.

Moynihan revealed that one of America’s largest banks would spend $400 million on cybersecurity in 2015. What’s more, the CEO said cybersecurity was the only place in Bank of America’s budget that didn’t have a constraint on spending.

In a Forbes article earlier this year, writer and founder of the Cyber 500, Steve Morgan applauded Bank of America for “their blank check approach to protecting their enterprise against the rising tide of cyber crime. They are putting no cap on what they will do to thwart cyber criminals.”

And BofA isn’t the only financial institution to take a big spending approach to secure their data. J.P. Morgan Chase & Co., according to the article, recently increased its cybersecurity budget from $250 million to $500 million.

The trend of rising cybersecurity budgets isn’t just limited to financial institutions, and for good reason. British insurance company Lloyd’s estimated that cyber attacks cost businesses up to $400 billion a year. Other estimates place that cost as high as $500 billion a year.

Some projections say the price tag of cyber crime will continue to rise exponentially over the next few years. Juniper research, the article says, recently projected the cost of data breaches will increase to $2.1 trillion by 2019. Accordingly, the global security market is expected to rise from $75 billion in 2015 to $175 billion by 2020.

But what do all these exorbitant sums mean for small to mid-sized businesses? It’s not feasible or realistic to expect them to have unlimited budgets for cybersecurity.

The question becomes how can those businesses get the most bang for their buck? The good news is there are cost-effective solutions. It’s as simple as being proactive. The old adage an ounce of prevention is worth a pound of cure holds true.

When businesses work hand in hand with a cybersecurity firm to develop security protocols and engage in regular testing and evaluations of their systems, they can stay ahead of a crisis. Having a trusted cybersecurity team means that when a business does fall victim to a data breach, the security firm will catch it quickly, keeping the costs of a cyber attack in check.

Most importantly, smaller businesses can’t assume they are less of a target because of their size and hold off on making investments in cybersecurity. Cyber criminal are indiscriminate. Data is data and often low hanging fruit is just as appealing as high-value targets. So what’s the price tag for security?

The Forbes article puts it this way, “There really are no spending limits when it comes to battling cybercrime,” adding that “cybersecurity spending is a moving target, just like the cyber criminals.” Do what’s best for your business and your customers.