Optional spending line: Tatarstan cuts cyber-security investment to 2.7bn rubles
One organisation in the republic accounted for 389,000 rubles — barely enough to cover a single qualified cyber-security specialist’s monthly salary
Cyber-security spending ranges from 4.3 million to 27,000 rubles
In 2024, Russian companies and state institutions significantly increased their spending on protection against cyber-threats. According to data from the audit company FinExpertiza, total expenditure reached 209bn roubles, 21% higher than the previous year, with each organisation spending an average of around 800,000 roubles on cyber-security.
Seventy-eight percent of large and medium-sized organisations already use cyber-threat protection tools, yet every sixth company encounters cyber incidents each year. The consequences of such incidents include information system failures, data leaks and loss of information.
The highest spending on protecting digital data is observed in the information and communications sector (4.3m roubles per organisation), the financial sector (4m roubles) and the extractive industries (2.2m roubles). Meanwhile, the lowest expenditure is recorded in personal services (67,000 rubles), agriculture (62,000 roubles) and culture, sport and entertainment (27,000 roubles).
Regional differences are also significant. Moscow leads in spending per organisation (4.5m roubles), followed by St Petersburg (1.6m roubles) and the Yamalo-Nenets Autonomous Okrug (979,100 rubles).
In terms of total investment volumes, Moscow again tops the list (132bn roubles), followed by St Petersburg — though at a considerable distance — with 16bn roubles. The Moscow region completes the top three with 5.3bn roubles.
Tatarstan spent 17% less on cyber-security in 2024 than in 2023
According to the study, Tatarstan ranked seventh among regions in 2024 in terms of investment volume — 2.76bn roubles were allocated for cyber-security provision. At the same time, the republic reduced funding for the cyber-security sector by 17.9% compared with 2023, despite the high average growth across Russia.
It is noteworthy that the republic’s investment figure is more than half a billion roubles lower than that of neighbouring Samara region (3.36bn). Spending per organisation is also higher there — 674,000 roubles compared with 389,000 roubles in Tatarstan.
According to experts, such a figure for medium-sized and large businesses is clearly insufficient. This amount would barely cover the monthly salary of a single qualified cyber-security specialist. Nevertheless, according to the chief executive of cyber-security company Xilant, Artur Bashirov, every region has organisations that take cyber-security seriously and those that treat the field formally or ignore it altogether.
Why are investments falling?
According to the study, between 2023 and 2024 cyber-security funding in Tatarstan fell by 17%. The Xilant chief executive explains the drop in investment in the republic by the general economic situation: because of the high key interest rate and rising debt levels, companies are forced to reallocate budgets.
“In such periods, organisations traditionally reduce spending on innovative areas, and cyber-security, unfortunately, most often falls into this category: it is formed on a residual basis rather than as a mandatory item. I believe this is a major problem today,” he said.
“A negative trend in 2025 is possible, but it directly depends on how the macro-economic situation and companies’ financial stability change. If the pressure on business remains high, the risk of further decline persists,” Bashirov concluded.