Financial Firms Bolster Cybersecurity Budgets

Hundreds of U.S. financial companies are ramping up spending to combat hackers following attacks this summer on J.P. Morgan Chase & Co. and at least a dozen other firms.

Source: WSJ - Daniel Huang, Emily Glazer and Danny Yadron | Published on November 19, 2014

Financial-services companies plan to bolster their cybersecurity budgets by about $2 billion over the next two years, according to accounting and consulting firm PricewaterhouseCoopers.

Spending this year on protecting networks and other cybersecurity efforts will total $4.1 billion, according to PwC's survey of 758 banks, insurers, money managers and other companies. The survey's results, which include the world's largest banks, are set to be broadly released Monday.

The spending increases represent accelerated efforts to keep hackers out and a realization that previous efforts haven't been sufficient.

The increased spending may be a boon for consulting firms and security experts that have increasingly been focused on building up banks' defenses to cybercrime. The firms include PwC, Deloitte and International Business Machines Corp. as well as smaller specialists like FireEye Inc., Palo Alto Networks Inc. and Trend Micro Inc.

Joe Nocera, a technology consulting partner at PwC who worked on the study, said the spending at the 758 companies would likely rise 10% to 20% annually in coming years, leading to $1.3 billion to $2.6 billion in additional spending by 2016.

While Internet breaches have hit everyone from big-box retailers to the U.S. Postal Service, banks and investment firms are in the spotlight because they have been attacked frequently and handle reams of sensitive client data, including millions of checking and savings accounts.

Banks' response has been to spend more. Citigroup Inc.'s annual cybersecurity budget has risen in recent years to more than $300 million, people familiar with the bank said.

In an Oct. 30 research report, Wells Fargo & Co. predicted all companies will accelerate their cybersecurity spending by a "low- to mid-teens" percentage over the next two years, compared with an earlier industry estimate by Gartner Inc. of an 8% increase.

For its own operations, San Francisco-based Wells Fargo spends roughly $250 million a year on cybersecurity and has increased staffing in the area by 50%, a person familiar with the matter has said.

The money spent by banks goes to a range of places, from higher salaries for cybersecurity executives to more consultants and programs that are more resistant to hackers. Firms are also spending money to minimize the damage of hacks when they do happen.

Few incidents have garnered the attention of the J.P. Morgan breach earlier this year, which compromised contact information for 76 million households that have been customers of the bank. Less than two months after the problem was disclosed, Chief Executive James Dimon said cybersecurity spending could double over the next five years from $250 million in 2014.

In his letter to shareholders this year, written before the breach, Mr. Dimon wrote that J.P. Morgan by the end of this year will have about 1,000 people focused on cybersecurity. The bank is also working on building and running three cybersecurity operations centers. This year, the bank hired Greg Rattray, a former U.S. Air Force commander and White House National Security Council member, to run cybersecurity.

Overall, the number of financial firms reporting losses of more than $10 million from cybersecurity incidents increased more than 140% from a year ago, according to the PwC report. Financial-services companies accounted for 34% of all breaches in 2013, almost three times the percentage of the public sector, which garnered the next highest reading, according to the Verizon 2014 Data Breach Investigation report.

Some financial companies boosted spending earlier. Nasdaq OMX Group Inc., which runs the Nasdaq Stock Market, raised its cyber-related spending 340% after a 2010 hacking incident affected a server unrelated to its trading platforms, a spokesman for the company said. The firm's CEO, Robert Greifeld, said products and services available to companies to fight off hackers had improved in recent years.