Just two percent of organisations have “mature” cybersecurity readiness, according to Cisco‘s 2024 Cybersecurity Readiness Index.
Released at this week’s Enterprise Connect, that alarming figure marks a decline from 17 percent of organisations being mature in cybersecurity readiness last year. Just as concerningly, almost three-quarters of organisations fall into Cisco’s Beginner or Formative stages of readiness (72 percent).
The Readiness Index reflects a period characterised by hyperconnectivity and an evolving threat landscape. Despite ongoing efforts to defend against various techniques such as phishing, ransomware, and social engineering attacks, businesses struggle to keep pace due to overly complex security postures dominated by multiple-point solutions. These challenges are amplified in distributed working environments where data spans myriad services, devices, applications, and users.
Despite this complexity, 78 percent of companies remain moderately to very confident in their ability to defend against cyberattacks with their current infrastructure, according to Cisco’s findings. Cisco suggests this confidence may be misplaced, highlighting a need for more comprehensive assessments of cybersecurity readiness.
Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco, said:
We cannot underestimate the threat posed by our own overconfidence. Today’s organizations need to prioritize investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favor of defenders.”
The data is informed from a double-blind survey of 8,136 private sector global business leaders with cybersecurity responsibilities in their respective organisations and was conducted by a third party.
The Index evaluates companies’ readiness across five essential pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification, encompassing 31 corresponding solutions and capabilities. Respondents indicate their deployed solutions and deployment stage, enabling classification into four readiness stages: Beginner, Formative, Progressive, and Mature.
Other Compelling Stats
Cisco found that most organisations expect future cybersecurity incidents despite their concerning grading.
Seventy percent of respondents anticipate a cybersecurity incident disrupting their business within the next 12 to 24 months. The ramifications of being unprepared are significant, with 54 percent reporting a cybersecurity incident in the last year. Among those affected, 52 percent stated the incident incurred costs of at least US$300,000.
Another takeaway was that unsecure and unmanaged devices add extra complexity. 80 percent of companies disclosed that their employees access company platforms from unmanaged devices, with 40 percent of them spending one-fifth of their time logged onto company networks using such devices. 26 percent indicated that their employees switch between at least six networks within a week.
Another critical issue is the talent gap in cybersecurity, with 85 percent of companies raising talent shortages as an obstacle to cybersecurity readiness. 41 percent of companies reported having more than ten vacant cybersecurity-related roles within their organisation at the time of the survey.
Lastly, organisations note the need to increase future cybersecurity investments. Forty-seven percent of organizations plan significant IT infrastructure upgrades in the next 12-24 months, up from 31 percent last year. Mainly, they’ll enhance existing solutions (70 percent), deploy new ones (60 percent), and invest in AI tech (55 percent). Moreover, 96 percent expect to boost cybersecurity budgets, with over four-fifths planning increases of 10 percent or more.
Cisco’s Enterprise Connect And Two Eye-Catching Studies
The Cybersecurity Readiness Index wasn’t Cisco’s only intriguing study this week.
Cisco‘s new Hybrid Work Survey for 2024 found that less than half of workers believe their offices are well-equipped for hybrid working.
The report highlights that while most employees are generally upbeat about returning to the office in some capacity, they find the spaces too oriented around individual work rather than encouraging collaboration. 72 percent of employees surveyed by Cisco said they were hopeful about returning to the office but wanted better-equipped spaces for collaboration, while only 47 percent believe their work environments are equipped for the new era of hybrid work.
With over four-fifths (81 percent) of employers saying they have already or are planning on redesigning office space, a further slight increase in that figure in 83 percent of respondents acknowledge that collaboration-driven improvements attract and retain talent.
Both employers and employees acknowledge the need for offices to encourage collaboration and innovation in hybrid models.
