In a new report, Cisco says the cyber readiness of organizations is lacking despite having experienced multiple cyber attacks within the last year.
The maturity of an organization’s state of cyber readiness may very well dictate the outcome of an attack; it’s one thing to have a bunch of solutions in place, and it’s completely another to have the right solutions, policies, practices, and plans in place to address cyber risks.
According to Cisco’s 2024 Cybersecurity Readiness Index, most organizations simply aren’t prepared, with the majority of organizations experiencing cyberattacks:
- 54% have experienced a cybersecurity incident in the past year
- And 73% believe they likely will experience a cybersecurity incident in the next 12-24 months
So, you’d think organizations would realize this and step up their game, right? But Cisco points out, that just isn’t the case. With 80% of companies feeling “moderately to very confident” in their ability to stay resilient against cyber attacks, organizations appear to think they have everything under control.
And yet:
- 46% have 10 or more unfilled cybersecurity roles
- 80% admit their use of multiple point solutions is slowing down their ability to detect, respond to, and recover from incidents
When measured against Cisco’s cyber readiness maturity model, organizations definitely come up lacking:
Source: Cisco
Only 3% are considered “mature," with the vast majority (71%) either just starting out or have “some level of deployment but are performing below average on cybersecurity readiness across a range of areas.”
In other words, “they’re not ready.”
What was interesting in this report is that Cisco’s readiness measurements focused on identity, endpoints, network, cloud and AI – there’s no mention of the user being a cyber readiness factor in this report, despite 54% of organizations experiencing attacks.
I believe, for an organization to be truly cyber ready, the users need to also be ready by means of continual security awareness training to ensure that any attacks that get past security controls are stopped by the user themselves.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.