Enterprises in the Middle East, Turkey and Africa (META) region with outdated technology can lose 16% more money when they suffer a data breach compared to those who update everything in a timely manner.

According to a recent Kaspersky report “How businesses can minimise the cost of a data breach”, for small and medium-sized businesses, the difference is even starker – up to 54% globally.

The problem of obsolete and unpatched software is quite common and important for businesses to address, since half of organisations in the META region (55%) use at least some form of out-of-date technology in their infrastructure.

While vulnerabilities are inevitable in any software, regular patching and updates can minimise the risk of exploitation. That’s why users are always advised to install the latest software versions as soon as they are available, even if these updates can sometimes be difficult or a time-consuming task for organisations.

With many businesses having at least some form of outdated technology (55%), Kaspersky’s survey shows that organisations should prioritise renewing software and be prepared to invest because doing so could save them money in the long-term.

If a data breach happens, enterprises in the META region with any form of outdated technology, including unpatched operating systems, old software and unsupported mobile devices, can suffer an additional $158 000 in financial damage, taking losses to a total of $1,152-millio. This is 16% more than the cost for companies with completely updated technologies ($994 000).

As for small and medium-sized businesses, they can lose an additional $33 000. The total cost rises to $122 000 – 36% more compared to $89 000 for businesses with all required updates installed.

Among the reasons given for not updating technologies, the most commonly reported in the META region is that some line employees refuse to work with new software and devices, so an exception was made for them (54%). Other reasons include: in-house apps that cannot run on new devices or operating systems (48%), as well as they belong to C-level staff and we exclude them from our update plan (44%).

“Any additional costs for business are of course critical, especially now,” comments Sergey Martsynkyan, Head of B2B Product Marketing at Kaspersky. “The global economic situation is unstable because of the pandemic and investments in IT and IT security are predicted to decrease.

“This is why in the latest ‘IT Security Economics’ report we wanted to explore how businesses can reduce the burden in case of a cybersecurity incident. It offers strong reasoning why the issue of obsolete software is so important.

“Even if it is impossible to get rid of it overnight, there are still some measures to mitigate the risk. Companies can not only save money, but also avoid other potential consequences – which is crucial for any business.”