News Summary:
- Only three percent of organizations globally have the 'Mature'
level of readiness needed to be resilient against today's
cybersecurity risks.
- Readiness is critical as 73% of respondents said a
cybersecurity incident is likely to disrupt their business in the
next 12 to 24 months.
- Companies are taking action to address this as 97% of companies
expect to increase their cybersecurity budgets in the next 12
months.
SAN
JOSE, Calif., March 27,
2024 /PRNewswire/ -- Only three percent of
organizations across the globe have the 'Mature' level of readiness
needed to be resilient against modern cybersecurity risks,
according to Cisco's (NASDAQ: CSCO) 2024 Cybersecurity
Readiness Index. Released today, the Index highlights that
readiness is down significantly from one year ago, when 15% of
companies were ranked mature.
The 2024 Cisco Cybersecurity Readiness Index was developed in an
era defined by hyperconnectivity and a rapidly evolving threat
landscape. Companies today continue to be targeted with a variety
of techniques that range from phishing and ransomware to supply
chain and social engineering attacks. And while they are building
defenses against these attacks, they still struggle to defend
against them, slowed down by their own overly complex security
postures that are dominated by multiple point solutions.
These challenges are compounded in today's distributed working
environments where data can be spread across limitless services,
devices, applications, and users. However, 80% of companies still
feel moderately to very confident in their ability to defend
against a cyberattack with their current infrastructure - this
disparity between confidence and readiness suggests that companies
may have misplaced confidence in their ability to navigate the
threat landscape and may not be properly assessing the true scale
of the challenges they face.
2024 Cisco Cybersecurity Readiness Index: Underprepared and
Overconfident Companies Tackle an Evolving Threat Landscape
The Index assesses the readiness of companies on five key
pillars: Identity Intelligence, Network Resilience, Machine
Trustworthiness, Cloud Reinforcement, and AI
Fortification, which are comprised of 31 corresponding
solutions and capabilities. It is based on a double-blind survey of
more than 8,000 private sector security and business leaders across
30 global markets conducted by an independent third party. The
respondents were asked to indicate which of these solutions and
capabilities they had deployed and the stage of deployment.
Companies were then classified into four stages of increasing
readiness: Beginner, Formative, Progressive and
Mature.
"We cannot underestimate the threat posed by our own
overconfidence," said Jeetu Patel,
Executive Vice President and General Manager of Security and
Collaboration at Cisco. "Today's organizations need to prioritize
investments in integrated platforms and lean into AI in order to
operate at machine scale and finally tip the scales in the favor of
defenders."
Findings
Overall, the study found that only three percent of companies
are ready to tackle today's threats, with two-thirds of
organizations falling into the Beginner or Formative stages of
readiness. Further:
- Future Cyber Incidents Expected: 73% of respondents said
they expect a cybersecurity incident to disrupt their business in
the next 12 to 24 months. The cost of being unprepared can be
substantial, as 54% of respondents said they experienced a
cybersecurity incident in the last 12 months, and 52% of those
affected said it cost them at least US$300,000.
- Point Solution Overload: The traditional approach of
adopting multiple cybersecurity point solutions has not delivered
effective results, as 80% of respondents admitted that having
multiple point solutions slowed down their team's ability to
detect, respond and recover from incidents. This raises significant
concerns as 67% of organizations said they have deployed ten or
more point solutions in their security stacks, while 25% said they
have 30 or more.
- Unsecure and Unmanaged Devices Add Complexity: 85% of
companies said their employees access company platforms from
unmanaged devices, and 43% of those spend one-fifth (20%) of their
time logged onto company networks from unmanaged devices.
Additionally, 29% reported that their employees hop between at
least six networks over a week.
- The Cyber Talent Gap Persists: Progress is being further
hampered by critical talent shortages, with 87% of companies
highlighting it as an issue. In fact, 46% of companies said they
had more than ten roles related to cybersecurity unfilled in their
organization at the time of the survey.
- Future Cyber Investments Ramping Up: Companies are aware
of the challenge and are ramping up their defenses with over half
(52%) planning to significantly upgrade their IT infrastructure in
the next 12 to 24 months. This is a marked increase from just
one-third (33%) who planned to do so last year. Most prominently,
organizations plan to upgrade existing solutions (66%), deploy new
solutions (57%), and invest in AI-driven technologies (55%).
Further, 97% of companies expect to increase their cybersecurity
budget in the next 12 months, and 86% respondents say their budgets
will increase by 10% or more.
To overcome the challenges of today's threat landscape,
companies must accelerate meaningful investments in security,
including adoption of innovative security measures and a security
platform approach, strengthen their network resilience, establish
meaningful use of generative AI, and ramp up recruitment to bridge
the cybersecurity skills gap.
Additional Resources:
- Report: 2024 Cisco Cybersecurity Readiness Index
About Cisco
Cisco (NASDAQ: CSCO) is the worldwide technology leader that
securely connects everything to make anything possible. Our purpose
is to power an inclusive future for all by helping our customers
reimagine their applications, power hybrid work, secure their
enterprise, transform their infrastructure, and meet their
sustainability goals. Discover more on The Newsroom and follow
us on X at @Cisco.
Cisco and the Cisco logo are trademarks or registered trademarks
of Cisco and/or its affiliates in the U.S. and other countries. A
listing of Cisco's trademarks can be found at
www.cisco.com/go/trademarks. Third-party trademarks mentioned are
the property of their respective owners. The use of the word
partner does not imply a partnership relationship between Cisco and
any other company.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/cisco-study-reveals-very-few-organizations-prepared-to-defend-against-todays-rapidly-evolving-threat-landscape-302100718.html
SOURCE Cisco Systems, Inc.