-
Readiness is critical as 73% of respondents said a cybersecurity incident is likely to disrupt their business in the next 12 to 24 months.
-
Companies are taking action to address this as 97% of companies expect to increase their cybersecurity budgets in the next 12 months.
According to Cisco’s 2024 Cybersecurity Readiness Index, only three percent of organizations worldwide are considered to have the highest level of readiness necessary to withstand modern cybersecurity threats. This marks a significant decrease from the previous year when 15% of companies were classified as mature in readiness.
The report reflects the current state of cybersecurity preparedness in an era characterized by extensive connectivity and rapidly evolving cyber threats. Despite ongoing efforts to defend against various attack techniques such as phishing, ransomware, and social engineering, organizations are struggling to keep up, hindered by complex security setups comprised of multiple solutions.
These challenges are further aggravated in today’s distributed work environments where data is dispersed across numerous services, devices, applications, and users. Surprisingly, despite these complexities, 80% of companies express moderate to high confidence in their ability to fend off cyberattacks using their existing infrastructure. This disparity between confidence levels and actual readiness suggests that organizations may overestimate their ability to handle cyber threats and may not fully grasp the extent of the risks they face.
Read More About Hrtech : Untraditional Ways to Discover Tech Talent and Promising Software Projects
The Index assesses the readiness of companies on five key pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification, which are comprised of 31 corresponding solutions and capabilities. It is based on a double-blind survey of more than 8,000 private sector security and business leaders across 30 global markets conducted by an independent third party. The respondents were asked to indicate which of these solutions and capabilities they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness: Beginner, Formative, Progressive and Mature.
“We cannot underestimate the threat posed by our own overconfidence,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Today’s organizations need to prioritize investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favor of defenders.”
Key Findings
Overall, the study found that only three percent of companies are ready to tackle today’s threats, with two-thirds of organizations falling into the Beginner or Formative stages of readiness. Further:
- Future Cyber Incidents Expected: 73% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial, as 54% of respondents said they experienced a cybersecurity incident in the last 12 months, and 52% of those affected said it cost them at least US$300,000.
- Point Solution Overload: The traditional approach of adopting multiple cybersecurity point solutions has not delivered effective results, as 80% of respondents admitted that having multiple point solutions slowed down their team’s ability to detect, respond, and recover from incidents. This raises significant concerns as 67% of organizations said they have deployed ten or more point solutions in their security stacks, while 25% said they have 30 or more.
- Unsecure and Unmanaged Devices Add Complexity: 85% of companies said their employees access company platforms from unmanaged devices, and 43% of those spend one-fifth (20%) of their time logged onto company networks from unmanaged devices. Additionally, 29% reported that their employees hop between at least six networks over a week.
- The Cyber Talent Gap Persists: Progress is being further hampered by critical talent shortages, with 87% of companies highlighting it as an issue. 46% of companies said they had more than ten roles related to cybersecurity unfilled in their organization at the time of the survey.
- Future Cyber Investments Ramping Up: Companies are aware of the challenge and are ramping up their defenses with over half (52%) planning to significantly upgrade their IT infrastructure in the next 12 to 24 months. This is a marked increase from just one-third (33%) who planned to do so last year. Most prominently, organizations plan to upgrade existing solutions (66%), deploy new solutions (57%), and invest in AI-driven technologies (55%). Further, 97% of companies expect to increase their cybersecurity budget in the next 12 months, and 86% of respondents say their budgets will increase by 10% or more.
To overcome the challenges of today’s threat landscape, companies must accelerate meaningful investments in security, including the adoption of innovative security measures and a security platform approach, strengthen their network resilience, establish meaningful use of generative AI, and ramp up recruitment to bridge the cybersecurity skills gap.
Latest Hrtech Insights: MDM Software in 2024: Addressing Challenges of the Near Future in Corporate Devices
[To share your insights with us, please write to pghosh@itechseries.com ]