The world has become an ever-moving, hybrid environment where people, devices, applications, and data can be in multiple, changing locations. So what does that mean for an evolving cybersecurity posture?
In Cisco’s Cybersecurity Readiness Index, 6,700 respondents in 27 countries representing more than 18 industries shared how they measured up in solutions across the five core pillars of cybersecurity protection: identity, devices, network, application workloads, and data. The index categorizes companies into four stages of readiness: from Beginner, to Formative, Progressive, and Mature, based on the state of deployment of security solutions.
Verify the identity of everyone who tries to access network resources and information.
Verify all employee and infrastructure devices and protect them from being accessed by bad actors.
Safeguard people, devices, applications, and data on the network as they are critical to the viability of the company.
Protect against application workload attacks that could lead to sensitive data breaches, productivity loss, and irreparable reputation damage.
Protect data from unauthorized access, use, disclosure, disruption, modification, or destruction using robust security measures.
Organizations at the initial stages of deployment of solutions.
Some level of deployment but performing below average on cybersecurity readiness.
Considerable level of deployment and performing above average on cybersecurity readiness.
Advanced stages of deployment and are most ready to address security risks.
Respondents confirmed whether their companies had solutions in place to meet the challenges of each pillar, and how advanced their deployment plans are.
Readiness scores are derived through the combination of:
Healthcare, financial services, and retail are the most prepared industries in their cybersecurity readiness, with an average of 20% in a Mature state.
Transportation and media industries are the least ready, with a little over 16% and 15% of organizations falling into the Beginner category.
Only 17% of larger businesses (1,000+ employees) are at a Mature stage of overall readiness, over 55% are either in a Beginner or Formative stage.
Mid-sized companies (250 to 1,000 employees) are best prepared with more organizations in the Mature category (19%) than their larger competitors, and more in the Progressive category (31%) too.
Smaller organizations (up to 250 employees) are less ready with only 10% companies in the Mature category, and more than 50% dropping into the underperforming, Formative category.
“The move to a hybrid world has fundamentally changed the landscape for companies and created even greater cybersecurity complexity. Organizations must stop approaching defense with a mix of point tools and instead, consider integrated platforms to achieve security resilience while reducing complexity. Only then will businesses be able to close the cybersecurity readiness gap.”
EVP and GM, Security and Collaboration
Closing the readiness gap must become a global imperative and a top priority for business leaders.
Organizations need security resilience, focusing on what matters most and anticipating what is coming down the road. Resilience is already under consideration within financial, operational, organizational, and supply chain functions. Security resilience cuts across all of them and should be prioritized.
For business leaders to build secure and resilient organizations, they must establish a baseline of how “ready” they are across the five major security solution pillars. The maturity of security infrastructure, particularly in relation to local and global peers, will ensure that organizations know what they’re strong at and where they can best prioritize resources to improve their ability to be resilient.
The research was carried out by an independent research company between August to September 2022.
The respondents are drawn from over 18 industries: business services, construction, education, engineering, design, architecture, financial services, healthcare, manufacturing, media & communications, natural resources, personal care & services, real estate, restaurant services, retail, technology services, transportation, travel services, wholesale, and ‘others’.
The scale of deployment was highlighted by respondents in a double-blind survey conducted by an independent third-party. The scores for each pillar were then put together - based on weighted importance of each pillar - to arrive on an overall score for each company in individual markets.
The companies are placed in four stages of readiness based on their overall score: