As organizations have shifted to hybrid work — accessing multiple networks and clouds from home, office, coffee shops, libraries, and even cars — it has created new and unique cybersecurity challenges. The Cisco Cybersecurity Readiness Index, published today, looks at how successful (or not) organizations are at safeguarding against these complex threats. The results, while not completely surprising, are highly concerning.
One troubling statistic is that only 15% of organizations around the world are rated by the index measures as mature enough to defend against the security risks of today’s hybrid world. And more than half of them (55%) are performing below average on cybersecurity readiness.
What’s worse is that 82% of the same respondents say they fully expect a cybersecurity incident to disrupt their business in the next year or two. Sixty percent said they’d already suffered one. And the cost? At least half a million dollars for over forty percent of victims.
We all know money is the least of all the costs. There are too many incidents where the loss is far more devastating. No report or data set can fully do justice to the criticality of the impact to human life as can be the case of a healthcare organization or critical infrastructure cybersecurity breach.
So where do we go from here?
Closing the cybersecurity readiness gap must become a global imperative and a top priority for business leaders. With the consequences of cyberattacks so clear and catastrophic, preparedness needs to be prioritized and plans for it must be accelerated.
The report does include some good news, which is that the organizations surveyed recognize their shortfalls and they are doing something about it; 86% of the respondents plan to increase their security budgets by at least 10% over the next year. So more of these plans need to be made and the budgets need to be allocated quickly to efficient and effective programs.
Part of those plans must include reducing complexity. Organizations need to stop using a mix of point tools as a defense and instead approach cybersecurity with integrated platforms. It’s the only way to achieve security resilience and become fully prepared for today’s cybersecurity threats.
Significant thought and effort need to be given to how to protect identities, devices, network, data, and applications that operate dynamically. These five pillars of security all need to work in harmony or organizations risk presenting a target of opportunity to bad actors. Leaders need to take a holistic and honest look across these core defenses, identifying not only where they are strong but also where they may be weak and build accordingly.
The Readiness Index is yet another wake-up call for senior business leaders to continue investing time with their security teams to fortify their organizations’ cybersecurity postures so they are ready for today’s hybrid world challenges.
About the Report
Read Cisco Cybersecurity Readiness Index: Resilience in a Hybrid World to learn more about what 6,700 private sector cybersecurity leaders across 27 markets have said about their solutions and deployments. You’ll also learn about the five core pillars that form the baseline of required defenses: identity, devices, network, application workloads, and data.