The Russian cybersecurity services market is developing twice as fast as the global market, according to the Roscongress report "Information Security Economics: Decision-Making Logic and the Role of Information Security Managers in Budgeting."
According to estimates by leading consulting companies, the global cybersecurity market could reach $350–500 billion by 2030, with an average annual growth of 9–14%. Against this background, the Russian segment is demonstrating double-digit growth rates, which is associated with an increase in the number of cyberattacks and the need to replace Western solutions with domestic technologies.
According to the Bank of Russia, more than 750 attacks on financial organizations were recorded in 2024. In the first half of 2025, their number increased by another 13%. Companies are actively increasing their information security budgets: almost half of organizations spend more on cyber protection than is required to compensate for inflation, and only about 11% keep funding at the same level.
The effectiveness of these investments often remains outside the focus of management. Top managers view cybersecurity as an expense item, requiring reports only on resources spent, and not on risk reduction or prevented attacks. As the "Unacceptable Event 2025" study showed, a budget of one million rubles is enough for hackers to successfully hack three out of five companies, while 67% of attacks were simple to implement.
Experts emphasize that security services often confuse the technical complexity of a hack with the cost of an attack for attackers. The existence of a market for ready-made cybercrime tools makes it possible to carry out attacks cheaper than companies assume. An adequate assessment of risks is also hampered by the immaturity of management systems, the lack of a unified methodology for the economic assessment of cyber threats, and the insufficient participation of information security directors in strategic decisions.