- Four in 5 security leaders expect a cybersecurity incident will disrupt their business during the next year or two, but just 15% are fully prepared to counter the risks lurking in today’s landscape, according to Cisco research released Tuesday.
- Cisco determined organizations’ state of readiness based on a survey of 6,700 cybersecurity professionals across 27 countries and classified companies into four groups: beginner, formative, progressive and mature. More than half fell into the beginner or formative stages.
- Nearly 3 in 5 respondents said their organization experienced a cybersecurity incident during the last year. While the majority of those incidents, 71%, cost at least $100,000, more than 40% said incident costs exceeded $500,000.
Cybersecurity readiness varies by company size and industry. Mid-sized firms and large enterprises are the most prepared with nearly 1 in 5 considered mature, the report found.
Just 1 in 10 smaller organizations were deemed mature by Cisco’s Cybersecurity Readiness Index. The analysis weighed companies’ solutions and strategies in place for identity, devices, networks, application workloads and data.
The retail, healthcare and financial services sectors, which threat actors regularly target for personal and financial data, claimed the greatest number of mature organizations, the report found.
The cybersecurity readiness gap is alarming, Cisco said in the report. But a growing realization that strategies, tools and processes must be revamped to meet security challenges reflects an opportunity for improvement across identity, devices, networks, application workloads and data.
Increased investments should also boost organizations’ confidence in their ability to stay resilient, according to Cisco. Nearly 9 in 10 respondents said their organizations plan to increase cybersecurity budgets by more than 10% during the next year.