Most companies still aren't ready to handle a major security incident

Hand increasing the protection level by turning a knob

(Image credit: Shutterstock)

Despite many of us hopefully being aware of just how expensive a cybersecurity incident can be, most businesses are still woefully unprepared for such an event, according to the Cisco Cybersecurity Readiness Index, which has revealed just 17% of firms are ready to tackle a cyberattack.

Cisco surveyed 6,700 private sector cybersecurity leaders across 27 markets to see how many firms have set up solutions to protect endpoints across five areas: identity, devices, network, application workloads, and data.

Based on this data, Cisco sorted out the businesses in four categories: Beginner, Formative, Progressive and Mature. Formative is the largest of the four groups, with 40% of all firms falling into this category, Cisco said. Progressive is the second-largest with 39%, followed by Mature at 17%. Finally, 4% of all firms fall into the Beginner category.

Expecting an attack

For the researchers, the findings are relatively surprising, given that most organizations expect to be attacked and understand the risks and potential damages.

In fact, 80% expect a cybersecurity incident in the next 12 to 24 months, while 59% experienced one such event over the last year. For almost half (47%) - the incident had cost them north of $500,000.

> Here are the best firewalls today

> Ransomware gang leaks data stolen from City of Oakland

> CISA is worried that critical infrastructure is vulnerable to ransomware attacks

“The move to a hybrid world has fundamentally changed the landscape for companies and created even greater cybersecurity complexity,” said Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco.

“Organizations must stop approaching defense with a mix of point tools and instead, consider integrated platforms to achieve security resilience while reducing complexity,” Patel added. “Only then will businesses be able to close the cybersecurity readiness gap.”

Cisco believes businesses should establish a “baseline of ‘readiness’ across the five security pillars”, to protect against future attacks. It doesn’t help much knowing that 85% of the respondents plan on increasing their security budgets by at least 10% this year.

Check out the best malware protection solutions right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.