Security in a hybrid world
The world has become an ever-moving, hybrid environment where people, devices, applications, and data can be in multiple, changing locations. So what does that mean for an evolving cybersecurity posture?
In Cisco’s Cybersecurity Readiness Index, 6,700 respondents in 27 countries representing more than 18 industries shared how they measured up in solutions across the five core pillars of cybersecurity protection: identity, devices, network, application workloads, and data.
Identity
Verify the identity of everyone who tries to access network resources and information.
- Traditional Data stores like AD
- Integrated IAM solution
- Privileged Access Management
Devices
Verify all employee and infrastructure devices and protect them from being accessed by bad actors.
- Built-in protections in the OS such as AV and host controls
- Anti-virus with some enhanced features
- End-point protection platform (firewall, malware, USB controls, process viability)
Network
Safeguard people, devices, applications, and data on the network as they are critical to the viability of the company.
- Network segmentation policies based on identity
- Network behavior Anomaly detections tools
- Privileged Access Management
- Packet capture and sensor tools
Apps
Protect against application workload attacks that could lead to sensitive data breaches, productivity loss, and irreparable reputation damage.
- Host software firewall
- Endpoint protection capabilities
- DLP
- Application centric protection tools
- Visibility and forensic tools
Data
Protect data from unauthorized access, use, disclosure, disruption, modification, or destruction using robust security measures.
- Encryption tools
- Identification and Classification with DLP
- Backup and Recovery
- Host IPS & Protection tools
Measuring readiness
Respondents confirmed whether their companies had solutions in place to meet the challenges of each pillar, and how advanced their deployment plans are.
Readiness scores are derived through the combination of:
- Weighted solution based on its importance to safeguarding its pillar
- Level of advancement for deployment of those solutions
Global readiness across the five security pillars (initial findings):
Global Readiness
???
The four states of maturity
Beginner (Less than 10)
Organizations at the start of the cybersecurity readiness journey
Formative (11–44)
Performing below average on cybersecurity readiness
Progressive (45–75)
Performing above average on cybersecurity readiness
Mature (76 and higher)
High performing with a mature and robust cybersecurity strategy
What’s next for companies?
While technology to secure devices is widely adopted, more progress is needed to protect identity, networks and applications:
- The highest level of readiness that companies have across the globe is in securing devices, with nearly half of companies placed in either the 'mature' (31%) or 'progressive' (13%) stages of adoption.
- Significant progress is needed to meet the challenge of identity verification, with only 20 percent of organizations in the 'mature' category, and more than half falling into the 'beginner' (20%) or 'formative' (38 %) stages.
- Network Security has been a challenge as companies moved to hybrid work environments. This resulted in lagging preparedness with 56% of organizations in the beginner or formative stages, the second lowest in the report.
- Securing Application Workloads is the pillar where companies are the least prepared, with 65% of organizations in the beginner or formative stages.
- In today's business environment, significant thought and effort needs to be dedicated to how best to protect identities, devices, networks, data, and applications that operate dynamically.
Related resources
