Economic Slowdowns and Rising Cyber Threats: An Inverse Relationship
Introduction
Economic conditions and cyber risk are intertwined. Periods of economic slowdown often coincide with an increase in cybercrime, evidenced by ransomware surges, data breaches, and insider-driven attacks.
This research article investigates the inverse relationship between a slowing economy and the rise of cyber threats. Drawing on industry reports and news analyses, it explores how budget constraints, layoffs, and financial stress create fertile ground for malicious actors.
Economic Pressure and Cybersecurity Budgets
One of the clearest links between economic contractions and cyber risk is reduced funding for security. Kyndryl’s Cyber Gauge 2024 notes that a lack of cybersecurity budget is increasingly common due to the global economic downturn.
With budgets failing to keep pace, organizations may postpone investments in monitoring tools, incident response, and employee training.
TechTarget reported that more than one-third of chief information security officers (CISOs) experienced flat or shrinking budgets in 2023, with annual security spending growth slipping from 17 percent to only 6 percent.
Inflation and recession fears prompted belt-tightening across many enterprises, leading to cautious or deferred spending on non-essential initiatives.
Similarly, an Execweb survey found that 37 percent of CISOs reported flat or declining budgets, and economic pressure was the main reason—highlighting that cybersecurity budgets are often viewed as discretionary.
In response, organizations consolidate or discontinue solutions: in a 2024 Cyber Resilience survey, 45 percent of respondents consolidated security products and 15 percent terminated some solutions due to the downturn, causing project delays of three to six months.
Such cutbacks increase exposure, particularly for sectors like healthcare and finance that rely on continuous security investment.
Workforce Reductions and Insider Threats
A slowing economy also results in workforce reductions, which can amplify insider threats.
Mass layoffs across the technology sector in 2023–2024 left about 500,000 individuals unemployed—a situation reminiscent of post-Soviet layoffs that fueled early cybercrime (Kyndryl, 2024).
Kyndryl’s report uses the fraud triangle (motive, opportunity, rationalization) to explain that economic downturns amplify all three factors, lowering barriers to entry into cybercrime.
The cost-of-living crisis in the United Kingdom shows similar patterns:
- 34 percent of critical infrastructure organizations expect an increase in cybercrime.
- 67 percent report heightened insider risk.
- 35 percent note that economic pressure provokes employees to turn to cybercrime (PaymentsJournal, 2023).
Help Net Security notes that layoffs and wage freezes lead to disgruntled insiders, with 83 percent of organizations reporting insider attacks in 2024; layoff news itself becomes fodder for phishing and social engineering campaigns.
Without robust offboarding processes and continuous monitoring, ex-employees may retain access to sensitive systems, increasing the risk of data exfiltration.
The combination of financial stress and insider access creates a potent threat vector during economic downturns.
Resource Constraints and External Threat Actors
Budget cuts and workforce reductions expand opportunities for external threat actors.
Reduced staffing leads to longer patch cycles and slower incident response, making it easier for criminals to exploit vulnerabilities.
During the 2023 cost-of-living crisis, inflation pressures forced organizations to reduce security staffing, and two-thirds of respondents reported an increase in insider risk (PaymentsJournal, 2023).
Lumifi argues that recession-driven budget cuts result in hiring freezes and salary reductions, increasing staff workloads and insider risk; at the same time, financially pressured employees are more susceptible to phishing lures.
As a recession deepens, attackers increase finance-related phishing and scanning attacks, and financially stressed employees may rationalize involvement in cybercrime.
Consequently, organizations facing economic stress become “soft targets,” with both external and internal actors exploiting weakened defenses.
Macroeconomic Indicators and Attack Growth
Beyond organizational dynamics, broader macroeconomic indicators correlate with cyber threat volumes.
According to the International Monetary Fund (IMF), cyberattacks more than doubled between the start of the COVID-19 pandemic and 2024; extreme losses from major incidents have quadrupled since 2017 to approximately US$2.5 billion.
While these statistics do not directly attribute growth to recessions, they illustrate the overall upward trajectory of cybercrime, which may be exacerbated during economic downturns.
Economic volatility tends to coincide with increased financial crime, as both opportunistic hackers and organized criminal groups exploit uncertainty and heightened fear.
Strategies for Maintaining Cyber Resilience
Given this inverse relationship between a slowing economy and rising cyber threats, organizations cannot afford to scale back security.
Instead, they should adopt cost-effective measures to maintain resilience:
- Prioritize risk-based spending – Allocate resources toward critical assets and vulnerabilities, recognizing that not all systems carry equal risk. Consolidate overlapping solutions to maximize value without sacrificing coverage (Cymulate, 2024).
- Strengthen insider threat programs – Implement strict offboarding protocols, monitor user behavior, and provide financial wellness resources to employees to reduce the motives and opportunities that drive insider attacks (Kyndryl, 2024).
- Leverage automation and managed services – Budget constraints should encourage adoption of automated patching, threat hunting, and security orchestration tools, as well as managed detection and response (MDR) services to supplement in-house teams (Kyndryl, 2024).
- Invest in training and awareness – Educate staff on emerging phishing schemes and the importance of reporting suspicious activity, particularly during layoffs or salary freezes (Help Net Security, 2024).
- Plan for incident response and resilience – Develop and routinely test incident response plans, ensuring that the organization can quickly contain and recover from attacks even with constrained resources.
These strategies align with the principle that preventive and adaptive security investments are more cost-effective than reacting to costly breaches.
Conclusion
Economic slowdowns create an environment where cyber threats thrive.
Budget reductions, layoffs, and financial stress increase both external and insider risks, while criminals become more motivated and resourceful.
By acknowledging this inverse relationship and adopting risk-based resilience measures, organizations can mitigate the impact of economic cycles on their security posture.
Protecting digital infrastructure amid financial headwinds is not just prudent—it’s essential for maintaining business continuity and public trust.
References
- Cymulate (2024). Cyber resilience: Economic downturn and organizational security.
- Execweb (2023). CISOs face budget pressures as economic downturn looms.
- Help Net Security (2024). Layoffs and insider threats in cybersecurity.
- International Monetary Fund (2024). Cyber threats and financial stability.
- Kyndryl (2024). Cyber Gauge 2024: Security priorities and budget trends.
- Kyndryl (2024). Cybersecurity at a historic inflection point: Economic pressure and the fraud triangle.
- Lumifi (2023). Why a recession will increase ransomware and cybersecurity breaches.
- PaymentsJournal (2023). Cost-of-living crisis and cybercrime: UK critical infrastructure at risk.
- TechTarget (2023). Economic instability squeezes cybersecurity budgets.