Security in a hybrid world

People sitting by a window working on a laptop

The world has become an ever-moving, hybrid environment where people, devices, applications, and data can be in multiple, changing locations. So what does that mean for an evolving cybersecurity posture?

In Cisco’s Cybersecurity Readiness Index, 6,700 respondents in 27 countries representing more than 18 industries shared how they measured up in solutions across the five core pillars of cybersecurity protection: identity, devices, network, application workloads, and data.


Verify the identity of everyone who tries to access network resources and information.

  • Traditional Data stores like AD
  • Integrated IAM solution
  • Privileged Access Management


Verify all employee and infrastructure devices and protect them from being accessed by bad actors.

  • Built-in protections in the OS such as AV and host controls
  • Anti-virus with some enhanced features
  • End-point protection platform (firewall, malware, USB controls, process viability)


Safeguard people, devices, applications, and data on the network as they are critical to the viability of the company.

  • Network segmentation policies based on identity
  • Network behavior Anomaly detections tools
  • Privileged Access Management
  • Packet capture and sensor tools


Protect against application workload attacks that could lead to sensitive data breaches, productivity loss, and irreparable reputation damage.

  • Host software firewall
  • Endpoint protection capabilities
  • DLP
  • Application centric protection tools
  • Visibility and forensic tools


Protect data from unauthorized access, use, disclosure, disruption, modification, or destruction using robust security measures.

  • Encryption tools
  • Identification and Classification with DLP
  • Backup and Recovery
  • Host IPS & Protection tools

Measuring readiness

Respondents confirmed whether their companies had solutions in place to meet the challenges of each pillar, and how advanced their deployment plans are.

Readiness scores are derived through the combination of:

  • Weighted solution based on its importance to safeguarding its pillar
  • Level of advancement for deployment of those solutions

Global readiness across the five security pillars (initial findings):

Global Readiness

20% Beginner
38% Formative
22% Progressive
20% Mature
20% Beginner
38% Formative
22% Progressive
20% Mature

The four states of maturity

Beginner (Less than 10)

Organizations at the start of the cybersecurity readiness journey

Formative (11–44)

Performing below average on cybersecurity readiness

Progressive (45–75)

Performing above average on cybersecurity readiness

Mature (76 and higher)

High performing with a mature and robust cybersecurity strategy

What’s next for companies?

While technology to secure devices is widely adopted, more progress is needed to protect identity, networks and applications:

  • The highest level of readiness that companies have across the globe is in securing devices, with nearly half of companies placed in either the 'mature' (31%) or 'progressive' (13%) stages of adoption.
  • Significant progress is needed to meet the challenge of identity verification, with only 20 percent of organizations in the 'mature' category, and more than half falling into the 'beginner' (20%) or 'formative' (38 %) stages.
  • Network Security has been a challenge as companies moved to hybrid work environments. This resulted in lagging preparedness with 56% of organizations in the beginner or formative stages, the second lowest in the report.
  • Securing Application Workloads is the pillar where companies are the least prepared, with 65% of organizations in the beginner or formative stages.
  • In today's business environment, significant thought and effort needs to be dedicated to how best to protect identities, devices, networks, data, and applications that operate dynamically.
A collage of people working in different locations

Related resources

Discover the latest cyber threat intelligence and key security trends, security insights, and key findings.
Learn more about how Cisco empowers businesses to withstand today's unpredictable threats.
Get more information on Cisco Secure network security products.
Read about today's top threats, trends, and the leading techniques to protect against them.