Cisco Study Reveals Very Few Organizations Prepared to Defend Against Today's Rapidly Evolving Threat Landscape

Rhea-AI Summary

Cisco's 2024 Cybersecurity Readiness Index reveals that only 3% of organizations globally are 'Mature' in cybersecurity readiness, down from 15% last year. Companies remain overconfident despite facing evolving threats, with 73% expecting a cyber incident in the next 12-24 months. The study highlights challenges like point solution overload, unsecure devices, cyber talent gap, and the need for increased cybersecurity investments.

Cybersecurity Expert

The findings from Cisco's 2024 Cybersecurity Readiness Index serve as a stark reminder of the vast gap between perceived security and actual preparedness within organizations. The report's indication that a mere three percent of organizations have achieved a 'Mature' level of readiness underscores the urgency for a systemic overhaul of cybersecurity strategies.

From a cybersecurity standpoint, the reliance on point solutions is a critical issue. These solutions often operate in silos, leading to fragmented security postures that hinder quick and effective incident response. The data suggests a need for a more integrated approach, leveraging platforms that can provide a holistic view of the threat landscape and streamline the detection and response process.

Additionally, the report's focus on the importance of AI Fortification is noteworthy. AI-driven technologies have the potential to significantly enhance threat detection capabilities and automate responses, which is important given the current cyber talent gap. However, the effectiveness of AI in cybersecurity hinges on the availability of quality data and the ability to integrate across various security systems.

IT Infrastructure Analyst

The report's revelation that over half of the surveyed companies plan to upgrade their IT infrastructure in the near future indicates a significant shift in resource allocation towards cybersecurity. This shift is not just about increasing budgets but also about investing in the right technologies that can adapt to the evolving threat landscape.

Organizations are recognizing the need to move away from a patchwork of point solutions to more robust, scalable security platforms. This transition is expected to streamline operations and potentially reduce the complexity that currently hampers security teams. Furthermore, the emphasis on upgrading existing solutions and deploying new ones suggests a trend towards modernization, where legacy systems are replaced or augmented with cutting-edge technologies capable of withstanding sophisticated cyber threats.

Human Resources Specialist in Cybersecurity

The Cybersecurity Readiness Index highlights a persistent talent gap in the cybersecurity industry, which is a critical factor in an organization's ability to defend against cyber threats. The report shows that a significant number of companies have multiple cybersecurity roles unfilled, which can severely impact their defensive capabilities.

As companies ramp up their cybersecurity budgets, it is imperative that they also focus on talent acquisition and retention strategies. Investing in employee training and development, creating clear career pathways and fostering a culture that values security are all essential steps towards closing this gap. Moreover, organizations may need to look into alternative solutions such as partnering with universities or offering internships to build a pipeline of skilled cybersecurity professionals.

News Summary:

• Only three percent of organizations globally have the 'Mature' level of readiness needed to be resilient against today's cybersecurity risks.
• Readiness is critical as 73% of respondents said a cybersecurity incident is likely to disrupt their business in the next 12 to 24 months.
• Companies are taking action to address this as 97% of companies expect to increase their cybersecurity budgets in the next 12 months.

SAN JOSE, Calif., March 27, 2024 /PRNewswire/ -- Only three percent of organizations across the globe have the 'Mature' level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco's (NASDAQ: CSCO) 2024 Cybersecurity Readiness Index. Released today, the Index highlights that readiness is down significantly from one year ago, when 15% of companies were ranked mature.

The 2024 Cisco Cybersecurity Readiness Index was developed in an era defined by hyperconnectivity and a rapidly evolving threat landscape. Companies today continue to be targeted with a variety of techniques that range from phishing and ransomware to supply chain and social engineering attacks. And while they are building defenses against these attacks, they still struggle to defend against them, slowed down by their own overly complex security postures that are dominated by multiple point solutions.

These challenges are compounded in today's distributed working environments where data can be spread across limitless services, devices, applications, and users. However, 80% of companies still feel moderately to very confident in their ability to defend against a cyberattack with their current infrastructure - this disparity between confidence and readiness suggests that companies may have misplaced confidence in their ability to navigate the threat landscape and may not be properly assessing the true scale of the challenges they face.

2024 Cisco Cybersecurity Readiness Index: Underprepared and Overconfident Companies Tackle an Evolving Threat Landscape

The Index assesses the readiness of companies on five key pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification, which are comprised of 31 corresponding solutions and capabilities. It is based on a double-blind survey of more than 8,000 private sector security and business leaders across 30 global markets conducted by an independent third party. The respondents were asked to indicate which of these solutions and capabilities they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness: Beginner, Formative, Progressive and Mature.

"We cannot underestimate the threat posed by our own overconfidence," said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. "Today's organizations need to prioritize investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favor of defenders."

Findings

Overall, the study found that only three percent of companies are ready to tackle today's threats, with two-thirds of organizations falling into the Beginner or Formative stages of readiness. Further:

• Future Cyber Incidents Expected: 73% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial, as 54% of respondents said they experienced a cybersecurity incident in the last 12 months, and 52% of those affected said it cost them at least US$300,000.
• Point Solution Overload: The traditional approach of adopting multiple cybersecurity point solutions has not delivered effective results, as 80% of respondents admitted that having multiple point solutions slowed down their team's ability to detect, respond and recover from incidents. This raises significant concerns as 67% of organizations said they have deployed ten or more point solutions in their security stacks, while 25% said they have 30 or more.
• Unsecure and Unmanaged Devices Add Complexity: 85% of companies said their employees access company platforms from unmanaged devices, and 43% of those spend one-fifth (20%) of their time logged onto company networks from unmanaged devices. Additionally, 29% reported that their employees hop between at least six networks over a week.
• The Cyber Talent Gap Persists: Progress is being further hampered by critical talent shortages, with 87% of companies highlighting it as an issue. In fact, 46% of companies said they had more than ten roles related to cybersecurity unfilled in their organization at the time of the survey.
• Future Cyber Investments Ramping Up: Companies are aware of the challenge and are ramping up their defenses with over half (52%) planning to significantly upgrade their IT infrastructure in the next 12 to 24 months. This is a marked increase from just one-third (33%) who planned to do so last year. Most prominently, organizations plan to upgrade existing solutions (66%), deploy new solutions (57%), and invest in AI-driven technologies (55%). Further, 97% of companies expect to increase their cybersecurity budget in the next 12 months, and 86% respondents say their budgets will increase by 10% or more.

To overcome the challenges of today's threat landscape, companies must accelerate meaningful investments in security, including adoption of innovative security measures and a security platform approach, strengthen their network resilience, establish meaningful use of generative AI, and ramp up recruitment to bridge the cybersecurity skills gap.

Additional Resources:

• Report: 2024 Cisco Cybersecurity Readiness Index

About Cisco 
Cisco (NASDAQ: CSCO) is the worldwide technology leader that securely connects everything to make anything possible. Our purpose is to power an inclusive future for all by helping our customers reimagine their applications, power hybrid work, secure their enterprise, transform their infrastructure, and meet their sustainability goals. Discover more on The Newsroom and follow us on X at @Cisco.  

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. 

View original content to download multimedia:https://www.prnewswire.com/news-releases/cisco-study-reveals-very-few-organizations-prepared-to-defend-against-todays-rapidly-evolving-threat-landscape-302100718.html

SOURCE Cisco Systems, Inc.

What does Cisco's 2024 Cybersecurity Readiness Index reveal about global organizations?

Only 3% of organizations are 'Mature' in cybersecurity readiness, down from 15% last year.

What percentage of companies expect a cybersecurity incident in the next 12-24 months?

73% of companies expect a cybersecurity incident in the next 12-24 months.

What are some challenges highlighted in the study regarding cybersecurity?

Challenges include point solution overload, unsecure devices, cyber talent gap, and the need for increased cybersecurity investments.

How many companies plan to increase their cybersecurity budget in the next 12 months?

97% of companies expect to increase their cybersecurity budget in the next 12 months.

What is the key recommendation for companies to overcome challenges in the threat landscape?

Companies must accelerate investments in security, adopt innovative security measures, strengthen network resilience, use generative AI, and recruit to bridge the cybersecurity skills gap.