Cisco study: How ready are companies to manage security threats?

news
Ciprian Adrian Rusen
29.04.2024

I recently attended a press event where Cisco shared its 2024 Cybersecurity Readiness Index report. It gives an overview of the global cybersecurity landscape and evaluates how well-equipped organizations are to handle present-day cybersecurity risks. If you're interested in learning about the threats organizations face worldwide, the difficulties they encounter, and their readiness from a cybersecurity standpoint, I recommend reading this article. The report contains some intriguing statistics:

Table of contents

The dangers faced by organizations worldwide

According to the survey conducted by Cisco, 73% of respondents believe that their business is likely to face a cybersecurity incident in the next 12-24 months, which could lead to a major disruption. Being unprepared for such an eventuality can be costly, as 54% of respondents reported experiencing a cybersecurity incident in the past 12 months, and 52% of those affected incurred a cost of at least $300,000.

Over the past year, global organizations have faced a complex variety of attacks, including ransomware (35%), attacks targeting data and authentication processes (37%), supply chain attacks (32%), social engineering attacks (32%), and cryptojacking (27%). The situation is expected to continue evolving, with 11% of companies anticipating that AI-related cyber threats will be among the top three risks in the coming year.

How companies evaluate their cybersecurity

The Cybersecurity Readiness Index report highlighted some important findings:

80% of companies have a moderate to very high level of confidence in their ability to defend against a cyber attack with their current infrastructure.
46% of respondents said they had more than ten cybersecurity vacancies in their organization at the time of the survey.
80% of respondents admitted that having multiple solutions that address distinct needs has slowed their teams' ability to detect, react to, and recover from security incidents. This creates significant concerns, as 67% of organizations said they have implemented ten or more different solutions in their security architecture, while 25% said they have 30 or more solutions.
36% of companies consider identity protection to be their most difficult cybersecurity challenge.

The cybersecurity readiness of organizations worldwide

Some of the most important findings shared by Cisco

The confidence level reported by the companies that participated in the survey contrasts sharply with the findings of Cisco’s report. According to the assessments, only 3% of organizations globally have a Mature level of cybersecurity readiness - the level needed to withstand today's security risks. The report highlights that organizations' readiness has dropped significantly from a year ago, when 15% of companies were assessed as having a Mature level of readiness.

This difference between how confident organizations feel about their security readiness and their actual preparedness indicates that they may not effectively evaluate their own ability to handle cybersecurity threats and the extent of the challenges they may encounter. This discrepancy is particularly surprising considering the ongoing problem of skilled employee shortages, which has been highlighted by 87% of companies.

Many organizations are aware of the challenges of cybersecurity and are taking steps to improve their defenses. More than half of the companies surveyed (52%) plan to significantly upgrade their IT infrastructure within the next 12-24 months. This is a notable increase from just a third (33%) planning to do so last year. The majority of organizations (66%) plan to upgrade their existing solutions, 57% prepare to implement new solutions, and 55% intend to invest in artificial intelligence-based technologies. Additionally, 97% of companies aim to increase their cybersecurity budget in the next 12 months. Of those, 86% of respondents said their budgets would grow by 10% or more.

Artificial intelligence is part of the solution

In addition to the troubling data presented in the report, Cisco also provides useful recommendations for any organization, regardless of size or complexity:

Organizations must continue to accelerate their investment in cybersecurity safeguards across the board, including adopting a platform-oriented approach, to ensure that all solutions in the security stack can be leveraged to their full capacity.
It is important to promptly identify and eliminate any vulnerabilities created by unmanaged devices and unsecured Wi-Fi networks used by employees.
Adopting generative AI technology and leveraging it to improve security programs and operational resilience.
Intensifying the recruitment and training of specialists to reduce the cybersecurity talent shortage. Where possible, leverage advances in artificial intelligence to enhance and automate workloads while drawing in external cybersecurity expertise to help address key gaps in building and operating cybersecurity infrastructure.
Establishing a baseline of how prepared the organization is in terms of key security pillars, monitoring them on an ongoing basis, and taking concrete action in areas where needed.

It is evident from the report that artificial intelligence is not only a threat to organizations worldwide but also an essential part of the solution. Unfortunately:

52% of organizations have not yet significantly incorporated artificial intelligence into their security solutions
56% have not implemented AI in their employee identity protection either
55% have not yet managed to significantly implement AI to support the management and protection of the devices they use
52% have not yet leveraged AI in applications to defend the cloud solutions they use.

The adoption of AI in cybersecurity

The 2024 Cybersecurity Readiness Index highlights the need to integrate artificial intelligence into cybersecurity platforms and reveals that global organizations, with small exceptions, are just starting to do so.

The methodology used for the Cisco Cybersecurity Readiness Index

The companies surveyed in the report were assessed using five key pillars for resilient cybersecurity in the face of modern threats:

Identity Intelligence - an assessment of how a company protects the identity of its employees, network authentication mechanisms, and internal services. Advanced mechanisms are required to safeguard users and verify their identities, the contexts in which they log on to the network, and their access rights. These mechanisms are crucial to ensuring the protection of business networks in 2024.
Machine Trustworthiness - Cisco assessed not only the diversity of devices used by employees within the company (laptops, phones, tablets, smartwatches, etc.) but also the smart devices used within the company (sensors, smart industrial machines, lock/unlock, surveillance cameras, etc.). All these devices can be a point of entry into the network for a malicious actor. Cisco has, therefore, assessed how all types of devices that access the network and the services, applications, and data within it are protected and managed.
Network Resilience - a significant percentage of employees worldwide enjoy a hybrid work environment, working from a large number of locations outside the company and its network. This increases the complexity of the protection required so that company and employee data is not stolen by malicious actors. For the best protection, solutions are needed to analyze encrypted network traffic, firewalls with intrusion prevention systems, anomaly detection solutions for network traffic, etc.
Cloud Reinforcement - many organizations are using cloud solutions managed by third parties or hybrid cloud solutions. These come with additional security challenges and specialized protection tools are needed, such as software firewalls and the implementation of secure access perimeters to these services.
AI Fortification - a growing number of malicious actors use artificial intelligence tools to overcome and compromise business organizations' cyber defense shields. Cisco has assessed the level of adoption of AI technologies in the security tools organizations use to increase the effectiveness of their protection.

For each key area, an importance score was assigned, and depending on the answers given, each organization was rated up to a maximum of 100. Companies were then categorized into four stages of readiness development: Beginner, Formative, Progressive, and Mature.

Download the Cisco Cybersecurity Readiness Index

The report includes plenty of interesting data, including a detailed description of the methodology used, as well as useful recommendations on how individual organizations can fortify their security. One of the most interesting things in Cisco's assessment is the split by business sectors, which shows which types of organizations tend to be more mature in their approach to cybersecurity, which don't, and why. For example, there are consistent differences between companies providing business services and those in the education sector. And the companies that seem to have most readily understood the need for artificial intelligence fortification are those in the technology sector. If I made you curious, you can access the full report here: 2024 Cisco Cybersecurity Readiness Index.

Discover: Security Blog News

Join the discussion: See the comments Comment

How to remove the Lock screen widgets from Windows 11 and Windows 10

tutorial
Ciprian Adrian Rusen
16.05.2024

At the end of March 2024, Microsoft started deploying a new update for Windows 11 (KB5035942), followed by Windows 10 (KB5035941). This update addressed many issues and bugs but also introduced a new feature: the ability to display widgets on the Lock screen for things like sports, traffic, and finance content, along with the weather forecast. This feature was not

How to change the language on Android (including Samsung)

tutorial
Codrut Neagu
14.05.2024

Switching languages on Android is easy! Just a few taps, and you can use your Android phone or tablet in any language you fancy. In this guide, I’ll walk you through changing your Android device’s language from English to Spanish as well as from Spanish to English. But don’t worry if you have a different language in mind (like Chinese,

How to upgrade Windows 7 or Windows 8/8.1 to Windows 10

tutorial
Codrut Neagu
13.05.2024

Windows 10 is officially the most used operating system in the world, outranking even Windows 11. However, some people still use Windows 7, Windows 8, or Windows 8.1 on their computers and devices. If you are one of them, you might want to upgrade to Windows 10 for a better operating system experience. If you have a license key for

ASUS ExpertWiFi EBG19P review: A great wired router for SMBs!

review
Ciprian Adrian Rusen
16.05.2024

When it comes to networking, small and medium-sized businesses have needs that combine the desires of typical consumers (simplicity and speed) with the requirements of large organizations (security, stability, and scalability). To meet these needs, ASUS offers a specialized line-up of networking devices called ExpertWiFi, which includes equipment such as wireless routers, wired routers, switches, access points, and mesh Wi-Fi

HUAWEI WATCH FIT 3 review: Better than an Apple Watch?

review
Ciprian Adrian Rusen
07.05.2024

HUAWEI just launched a stylish watch that looks a lot like the Apple Watch SE - a device it aims to compete with when it comes to design, price, and features. This watch is named HUAWEI WATCH FIT 3, and it is not only lighter than an Apple Watch SE but also thinner. Furthermore, it has a brighter screen and

Samsung Galaxy A35 review: Affordable mid-ranger with solid cameras

review
Codrut Neagu
15.04.2024

In this review, I’m going to tell you about the Samsung Galaxy A35, the company’s latest affordable mid-ranger that has to distinguish itself from the huge variety of offerings from other manufacturers. Some of its competitors boast better hardware specifications at comparable prices. However, Samsung’s Galaxy A35 has some tricks up its sleeve, like an attractive design and a solid