Only three percent of organizations across the globe have the ‘Mature’ level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco’s 2024 Cybersecurity Readiness Index. The Index highlights that readiness is down significantly from one year ago, when 15% of companies were ranked mature.
The 2024 Cisco Cybersecurity Readiness Index was developed in an era defined by hyperconnectivity and a rapidly evolving threat landscape. Companies today continue to be targeted with a variety of techniques that range from phishing and ransomware to supply chain and social engineering attacks. And while they are building defenses against these attacks, they still struggle to defend against them, slowed down by their own overly complex security postures that are dominated by multiple point solutions.
These challenges are compounded in today’s distributed working environments where data can be spread across limitless services, devices, applications and users. However, 80% of companies still feel moderately to very confident in their ability to defend against a cyberattack with their current infrastructure – this disparity between confidence and readiness suggests that companies may have misplaced confidence in their ability to navigate the threat landscape and may not be properly assessing the true scale of the challenges they face.
The Index assesses the readiness of companies on five key pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortified, which are comprised of 31 corresponding solutions and capabilities. It is based on a double-blind survey of more than 8,000 private sector security and business leaders across 30 global markets conducted by an independent third party. The respondents were asked to indicate which of these solutions and capabilities they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness: Beginner, Formative, Progressive and Mature.
Global Findings
Overall, the study found that only three percent of companies are ready to tackle today’s threats, with two-thirds of organizations falling into the Beginner or Formative stages of readiness.
- Future Cyber Incidents Expected:73% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial, as 54% of respondents said they experienced a cybersecurity incident in the last 12 months, and 52% of those affected said it cost them at least US$300,000.
- Point Solution Overload:The traditional approach of adopting multiple cybersecurity point solutions has not delivered effective results, as 80% of respondents admitted that having multiple point solutions slowed down their team’s ability to detect, respond and recover from incidents. This raises significant concerns as 67% of organizations said they have deployed ten or more point solutions in their security stacks, while 25% said they have 30 or more.
- Unsecure and Unmanaged Devices Add Complexity:85% of companies said their employees access company platforms from unmanaged devices, and 43% of those spend one-fifth (20%) of their time logged onto company networks from unmanaged devices. Additionally, 29% reported that their employees hop between at least six networks over a week.
- The Cyber Talent Gap Persists:Progress is being further hampered by critical talent shortages, with 87% of companies highlighting it as an issue. In fact, 46% of companies said they had more than ten roles related to cybersecurity unfilled in their organization at the time of the survey.
- Future Cyber Investments Ramping Up:Companies are aware of the challenge and are ramping up their defenses with over half (52%) planning to significantly upgrade their IT infrastructure in the next 12 to 24 months. This is a marked increase from just one-third (33%) who planned to do so last year. Most prominently, organizations plan to upgrade existing solutions (66%), deploy new solutions (57%), and invest in AI-driven technologies (55%). Further, 97% of companies plan to increase their cybersecurity budget in the next 12 months, and 86% respondents say their budgets will increase by 10% or more.
When it comes to leveraging AI:
- 52% of organizations have yet to significantly incorporate AI into their network security solutions.
- 56% have yet to significantly deploy AI in verifying and securing identity.
- 52% have yet to harness AI in cloud defense applications.
Europe Findings
- Only 2% of organizations in Europe are ready to tackle today’s threats and are in a mature state. Overall, we saw a decline in readiness compared to 2023. 19% are at the Progressive stage, 66% are Formative, and 13% are Beginners.
- Readiness is critical as 69% of respondents said a cybersecurity incident is likely to disrupt their business in the next 12 to 24 months
- Few organizations are prepared to defend against a rapidly evolving landscape – 49% of organizations report having experienced a cyber attack in the last year and being slowed down by their complex security postures
- Companies are taking action to address this – 81% of companies expect to increase their cybersecurity budgets in the next 12 months
- The threat landscape is more complicated than ever – 82% of companies report their employees access company platforms from unmanaged devices
To overcome the challenges of today’s threat landscape, companies must accelerate meaningful investments in security, including adoption of innovative security measures and a security platform approach, strengthen their network resilience, establish meaningful use of generative AI, and ramp up recruitment to bridge the cybersecurity skills gap.
DONATE: Support our work
In an ever changing and challenging world, the media is constantly struggling to resist. Romania Journal makes no exception. We’ve been informing you, our readers, for almost 10 years, as extensively as we can, but, as we reject any state funding and private advertising is scarce, we need your help to keep on going.So, if you enjoy our work, you can contribute to endorse the Romania Journal team. Any amount is welcome, no strings attached. Choose to join with one of the following options:
Donate with PayPal
Donate by Bank Wire
Black Zonure SRLUniCredit Bank. Swift: BACXROBU
RON: RO84 BACX 0000 0022 3589 1000
EURO: RO57 BACX 0000 0022 3589 1001
USD: RO30 BACX 0000 0022 3589 1002