Only 3 percent of businesses worldwide possess the ‘Mature’ degree of readiness required to be robust against contemporary cybersecurity threats, according to Cisco’s 2024 Cybersecurity Readiness Index. The recently issued Index shows that, compared to a year ago, when 15 percent of organizations were considered mature, there has been a considerable decline in cyber threat readiness.
Today’s businesses are still the subject of a wide range of tactics, including supply chain and social engineering attacks, ransomware, and phishing, according to the 2024 Cisco Cybersecurity Readiness Index. Even if they are developing defenses against these attacks, their own unduly complicated security postures, which are primarily focused on multiple point solutions, would make it difficult for them to protect against these cyber threats.
In today’s distributed work environments, where data might be dispersed among countless services, devices, applications, and users, these difficulties are exacerbated. Nonetheless, 80% of businesses still feel between moderately and very confident in their capacity to fend off a cyberattack using their current infrastructure, according to Cisco’s latest cybersecurity report. This discrepancy between readiness and confidence would raise the possibility that businesses are underestimating the true scope of their challenges and may be mistaken in their perception of their ability to navigate the threat landscape.
Executive Vice President and General Manager of Security and Collaboration at Cisco, Jeetu Patel, stated, “We cannot underestimate the threat posed by our own overconfidence. Investments in integrated platforms must be prioritized by today’s organizations in order to operate at machine scale and ultimately tip the scales in favor of defenders.”
Findings of the Cybersecurity Study
According to the Cisco cybersecurity report, two-thirds of enterprises are in the Beginner or Formative phases of reparation, meaning that only 3% of businesses are prepared to face the risks of today. Further:
Anticipated Future Cyber Incidents – According to 73% of respondents, a cybersecurity event is likely to affect their company during the next 12 to 24 months. Being unprepared can come at a high cost: 54% of respondents reported having dealt with a cybersecurity problem in the previous year, and 52% of those impacted claimed the incident cost them at least $300,000.
Point Solution Overload – 80% of respondents acknowledged that their team’s capacity to identify, respond, and recover from problems was slowed down by the use of many point solutions, proving that the old method of deploying multiple cybersecurity point solutions has not produced successful outcomes. Given that 25% of firms reported having 30 or more point solutions in their security stacks, and 67% of organizations claimed they had deployed ten or more, this presents serious risks.
Unmanaged and Insecure Devices Add Complexity – According to 85% of businesses, employees use unmanaged devices to access company platforms, and among them, 43% log on to company networks from unmanaged devices for one-fifth (20%) of their total time. Furthermore, according to 29% of employers, their staff members switch between at least six networks per week.
The Cyber Talent Gap Remains – According to 87% of businesses, there is a major talent shortage that is impeding progress. In fact, at the time of the survey, 46% of businesses said that they had more than ten open cybersecurity-related positions.
Future Cyber Investments Increasing – Businesses are increasing their defenses in response to the threat and are aware of it; more than half (52%) intend to radically improve their IT infrastructure during the next 12 to 24 months. This is a significant rise over the mere third (33%) who said they intended to do so the previous year. Organizations’ top priorities are to implement new solutions (57%) and improve current ones (66%), as well as to invest in AI-driven technologies (55%). Furthermore, 86% of respondents said their budgets will increase by 10% or more, and 97% of organizations aim to increase their cybersecurity budget in the upcoming year.
To conclude, Cisco advises companies in its report to make significant investments in security more quickly to meet the challenges posed by the current threat landscape. These investments should include adopting innovative cybersecurity measures and a security platform approach, strengthening network resilience, establishing the useful application of generative AI, and increasing recruitment to close the skills gap in cybersecurity.
