Most companies globally are still not fully maturely prepared for cyber incidents.
That’s according to research by Cisco. Companies are still major targets of cyber attacks, such as phishing, ransomware, supply chain and social engineering attacks. Nearly three-quarters of companies expect to be hit by a cyber attack within the next two years, based primarily on experiences with cyber attacks in the past 12 months. More than 50% of the companies surveyed that were hit by a cyber attack experienced problems that cost them at least $300,000 (€277,000).
Barely mature level of protection
Companies are arming themselves against cyber attacks but have not always reached a “mature” level of protection. Only 3% of the companies surveyed are at this level and fully prepared for an attack. Just over a quarter have their cybersecurity reasonably in order, but most companies do not.
Of the companies surveyed, 60% have a basic implementation of cybersecurity and 11% have a beginner level. This means that as many as 71% still have a lot of work to do.
Level status often varies by company size. The larger a company, the higher its cybersecurity budget often is.
Difficulty keeping up with developments
Companies often cite their struggle to keep up with all the developments as a reason for their lack of mature cybersecurity infrastructure, especially as cybercriminals increasingly employ AI in their attacks.
They also indicate that their improvement in cybersecurity is often hampered by their complex security environments, which often consist of multiple solutions, including from multiple vendors. In addition, companies have a problem because they do not have the right number of security experts, and there are many vacancies in this field.
Another problem companies face is that many employees use unmanaged devices to access corporate environments.
Remarkable confidence
Notably, despite all the problems most companies face, they are very confident in their current security strategy. More than 80% of respondents are confident about this.
This contrasts with the findings on corporate preparedness. According to Cisco researchers, this is probably because most companies do not (yet) realize the cybersecurity challenges they face.
Increased budgets and recommendations
Fortunately, there are also positive developments. Almost all companies indicate that they will increase their cybersecurity budgets in the coming year. A large majority, 86%, plan to increase this budget by 10% or more.
This budget increase, and perhaps making protection against cyber incidents more mature as a result, is what Cisco researchers recommend in their report. To do this, they recommend, among other things, adopting innovative security measures and using a central security platform.
In addition, companies should increase the resilience of their networks, productively use AI, and greatly increase the recruitment of new security staff to reduce the lack of knowledge.
16 hours ago
