Sydney, Australia, April 3rd, 2024 โ Only one per cent of organisations in Australia have the โMatureโ level of readiness needed to be resilient against modern cybersecurity risks, according to Ciscoโs (NASDAQ: CSCO) 2024 Cybersecurity Readiness Index.
The 2024 Cisco Cybersecurity Readiness Index was developed in an era defined by hyperconnectivity and a rapidly evolving threat landscape. Companies today continue to be targeted with a variety of techniques that range from phishing and ransomware to supply chain and social engineering attacks. While they are building defences against these attacks, they still struggle to defend against them, slowed down by their own overly complex security postures that are dominated by multiple-point solutions.
These challenges are compounded in todayโs distributed working environments where data can be spread across limitless services, devices, applications, and users. However, 75% of companies still feel moderately to very confident in their ability to defend against a cyberattack with their current infrastructure – this disparity between confidence and readiness suggests that companies may have misplaced confidence in their ability to navigate the threat landscape and may not be properly assessing the true scale of the challenges they face.
2024 Cisco Cybersecurity Readiness Index: Underprepared and Overconfident Companies Tackle an Evolving Threat Landscape
The Index assesses the readiness of companies on five key pillars:ย Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement,ย andย AI Fortification, which comprise 31 corresponding solutions and capabilities. It is based on a double-blind survey of more than 8,000 private sector security and business leaders across 30 global markets conducted by an independent third party. The respondents were asked to indicate which of these solutions and capabilities they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness:ย Beginner, Formative, Progressiveย andย Mature.
โWe cannot underestimate the threat posed by our own overconfidence,โ saidย Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. โToday’s organisations need to prioritise investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favour of defenders.โ
Australian Findings
Overall, the study found that in Australiaย only one per cent of companies are ready to tackle todayโs threats, with more than 82% of organisations falling into the Beginner or Formative stages of readiness. Globally, 3% of companies are at a Mature stage. Further:
-
Future Cyber Incidents Expected: 69% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial, as 47% of respondents said they experienced a cybersecurity incident in the last 12 months, and 53% of those affected said it cost them at least US$300,000.
-
Point Solution Overload: The traditional approach of adopting multiple cybersecurity point solutions has not delivered effective results, as 74% of respondents admitted that having multiple point solutions slowed down their teamโs ability to detect, respond and recover from incidents. This raises significant concerns as 66% of organisations said they have deployed ten or more point solutions in their security stacks, while 22% said they have 30 or more.
-
Unsecure and Unmanaged Devices Add Complexity: 77% of companies said their employees access company platforms from unmanaged devices, and 44% of those spend one-fifth (20%) of their time logged onto company networks from unmanaged devices. Additionally, 26% reported that their employees hop between at least six networks over a week.
-
The Cyber Talent Gap Persists: Progress is being further hampered by critical talent shortages, with 81% of companies highlighting it as an issue. In fact, 42% of companies said they had more than ten roles related to cybersecurity unfilled in their organisation at the time of the survey.
-
Future Cyber Investments Ramping Up: Companies are aware of the challenge and are ramping up their defences with almost half (42%) planning to significantly upgrade their IT infrastructure in the next 12 to 24 months. This is an increase from 41% who planned to do so last year. Most prominently, organisations plan to upgrade existing solutions (59%), deploy new solutions (54%), and invest in AI-driven technologies (43%). Further, 97% of companies expect to increase their cybersecurity budget in the next 12 months, and 85% of respondents say their budgets will increase by 10% or more.
To overcome the challenges of todayโs threat landscape, companies must accelerate meaningful investments in security, including the adoption of innovative security measures and a security platform approach, strengthen their network resilience, establish meaningful use of generative AI, and ramp up recruitment to bridge the cybersecurity skills gap.
Corien Vermaak, Director of Cybersecurity for Cisco Australia & New Zealand,ย explains: โFor Australian businesses, this is the alarm bell. Weโve all seen the evidence of cyberattacks and the tangible impact that breaches cause. What we are seeing in this data is that Aussie businesses are underprepared for the constant change.
โThe technology industry is relentlessly evolving and with the explosion of Generative AI, among other pressures, change is outpacing cyber practices. The way in which we are using technology to enable remote working and AI developments is putting pressure on the technology stack, and how we secure it. To innovate at speed, we must have cybersecurity at the core of this advancement. The data shows that even with our best efforts we are being outpaced by the speed of technology evolution.โ
About Cisco
Cisco (NASDAQ: CSCO) is the worldwide technology leader that securely connects everything to make anything possible. Our purpose is to power an inclusive future for all by helping our customers reimagine their applications, power hybrid work, secure their enterprise, transform their infrastructure, and meet their sustainability goals. Discover more onย The Newsroomย and follow us on X atย @Cisco.
Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. A listing of Cisco’s trademarks can be found atย www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company.