Priya Patel
TLDR:
- Global cybersecurity posture and readiness is down despite continued rampant attacks
- Survey by Cisco reveals only 3% of organizations have a mature stage of cybersecurity readiness
A new survey from Cisco has shown that global cybersecurity readiness is declining, even in the face of increasing cyber attacks. Over half of private sector companies experienced a cybersecurity incident in the past year, indicating a weakening cybersecurity posture. Only 3% of organizations surveyed had a mature stage of cybersecurity readiness in 2024, with 71% falling in the two least prepared categories. This lack of readiness is concerning, especially since 73% of businesses believe a cybersecurity incident will disrupt their operations in the next 12 to 24 months.
Despite this lack of readiness, 80% of companies feel moderately to very confident in their ability to stay resilient. Readiness and resiliency were found to be higher among larger and medium-sized organizations, while small organizations struggled more due to budget constraints and lack of digitally skilled talent. The financial services, technology services, media and communications, and manufacturing industries were noted to have the most robust cybersecurity posture, while personal care, education, and wholesale industries require improvement.
The survey also revealed that nearly half of organizations have more than ten unfilled cybersecurity roles, highlighting the impact of the cyber skills gap. The shift from internal to external threat factors was noted, with external actors now seen as the biggest threat by the majority of companies. Malware, phishing, credential stuffing, supply chain attacks, and cryptojacking were the top types of attacks experienced in the past year.
Remote logins were cited as a heightened threat vector, with 82% of organizations expressing concern. As a result, 97% of companies expect to increase their security budgets, with over half planning to increase them by 11-30% in 2024. The industry is facing evolving and emerging threats, including the impact of AI advancements and the challenges posed by hybrid working environments.
