How much should you spend on security?

Let's run through some numbers, shall we? The average US household spends roughly $33 a month on home security (Source: Safewise). Small businesses (under 250 employees) are paying anywhere from $1,390 to $10,870 per year (Source:

A Cisco Security report determined that 46% of mid-market organizations (with 250-999 employees) spent less than $250,000 in 2019. While 43% spent $250,000 to $999,000. For larger companies (1,000–9,999 employees), the most common spend was $250,000–$999,999, while large enterprises with more than 10,000 employees were more likely to spend over $1 million on their security programs.

Just for fun, let's look at personal security. Someone like Jeff Bezos pays $1.6 million yearly, despite his growing wealth of $191 billion. Forbes reported that the amount Amazon pays hasn't changed since 2012 either. Shockingly there are quite a few people ahead of him too.

The flip side of what we're spending always compares to the average cost of home invasions - $2,799 (Source: Bankrate), while small businesses jump up to $145,000 in property losses (Source: Safewise). As one can see from the above stats, these numbers continue to jump up exponentially as businesses grow.

Data is scarce around what percentage of individuals and SMEs break down their security costs into digital and physical, despite the overwhelming amount of data on the numbers when a data breach happens. 

Digital breaches cost individuals an average of $242 and sometimes grow up to $3.92 million, depending on your business size. (Source Digital Guardian). 

It's hard to determine how much our data is worth. Having your personal chat history leaked is probably much closer to the price one places on a family heirloom taken during a home invasion. When data breaches start affecting our livelihoods and professional reputations, I'm guessing many of us begin to think a little harder about what we're spending every month to secure our data. Especially if that data starts to affect our professional reputation.

After all, here's a small list of data captured by tech companies from user profiles on social and chat apps:

• Precise Location
• Coarse Location
• Physical Address
• Advertising Data
• Product Interaction
• Purchase History
• Payment Information
• Ethnic Data
• Sexual Orientation
• Pregnancy
• Childbirth Information
• Disability
• Religious Beliefs
• Photos or Videos
• Gameplay Context
• Search History
• Browsing History

So how much would you spend to secure your data? A buck a month? Maybe three?

How about for your business? Ten bucks? 30? 🤔 Something to think about.