Cisco Calls Out Organizations As Being “Overconfident and Unprepared” for Cyber Attacks

In a new report, Cisco says the cyber readiness of organizations is lacking despite having experienced multiple cyber attacks within the last year.

The maturity of an organization’s state of cyber readiness may very well dictate the outcome of an attack; it’s one thing to have a bunch of solutions in place, and it’s completely another to have the right solutions, policies, practices, and plans in place to address cyber risks.

According to Cisco’s 2024 Cybersecurity Readiness Index, most organizations simply aren’t prepared, with the majority of organizations experiencing cyberattacks:

  • 54% have experienced a cybersecurity incident in the past year
  • And 73% believe they likely will experience a cybersecurity incident in the next 12-24 months

So, you’d think organizations would realize this and step up their game, right? But Cisco points out that this just isn’t the case. With 80% of companies feeling “moderately to very confident” in their ability to stay resilient against cyber attacks, organizations appear to think they have everything under control.

And yet:

  • 46% have 10 or more unfilled cybersecurity roles
  • 80% admit their use of multiple point solutions is slowing down their ability to detect, respond to, and recover from incidents

When measured against Cisco’s cyber readiness maturity model, organizations definitely come up lacking:

[Figure omitted. Source: Cisco]

Only 3% are considered “mature,” with the vast majority (71%) either just starting out or having “some level of deployment but are performing below average on cybersecurity readiness across a range of areas.”

In other words, “they’re not ready.”

What was interesting in this report is that Cisco’s readiness measurements focused on identity, endpoints, network, cloud and AI – there’s no mention of the user being a cyber readiness factor in this report, despite 54% of organizations experiencing attacks.

I believe, for an organization to be truly cyber ready, the users need to also be ready by means of continual security awareness training to ensure that any attacks that get past security controls are stopped by the user themselves.
