According to Cisco’s first-ever Cybersecurity Readiness Index, just 15% of global organizations are rated to have the ‘Mature’ level of preparation required to be resistant to current cybersecurity hazards. The index illustrates where organizations are succeeding in cybersecurity preparedness and where deficiencies may worsen if global business and security leaders do not act.
The analysis assesses a company’s ability to sustain cybersecurity resilience in the face of new threats, and includes 19 distinct solutions across five basic pillars: identity, devices, networks, application workloads and data. In a poll of 6,700 private sector cybersecurity leaders from 27 markets, participants were questioned as to which of these technologies they had installed and the current stage of deployment. Businesses were then divided into four readiness stages: beginner, formative, progressive and mature.
More than half (55%) of companies polled worldwide are in the Beginner (8%) or Formative (47%) stages of cybersecurity readiness, which means they are performing below average. 82% of respondents expect a cybersecurity attack to damage their organization within the next 12 to 24 months. The preparation deficiencies were found to be striking. The cost of being unprepared can be significant, with 60% of respondents reporting a cybersecurity issue in the past 12 months, and 41% reporting that it cost them at least US$500,000.
The Cisco Cybersecurity Readiness Index acts as a wake-up call for top business leaders to devote time to their security teams in order to boost their companies’ cybersecurity defenses. According to Cisco, to construct safe and resilient organizations, business executives must establish a baseline of readiness across the five security pillars.
Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco, commented: “The move to a hybrid world has fundamentally changed the landscape for companies and created even greater cybersecurity complexity. Organizations must stop approaching defense with a mix of point tools and instead, consider integrated platforms to achieve security resilience while reducing complexity. Only then will businesses be able to close the cybersecurity readiness gap.”