In today’s hyper-connected and rapidly evolving threat landscape, companies are targeted with a variety of techniques that range from phishing and ransomware to supply chain and social engineering attacks. And yet merely 4% of organizations in India have the readiness against modern cybersecurity risks, according to the 2024 Cisco Cybersecurity Readiness Index, as compared to 3% globally. However, 59% of organizations fall into the Beginner or Formative stages of readiness.
This is when 82% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. Cisco highlights, that the cost of being unprepared can be substantial, as 74% of respondents said they experienced a cybersecurity incident in the last 12 months, and 55% of those affected said it cost them at least $300,000.
An increasing number of companies are working towards building defences against these attacks, yet they still struggle to defend themselves and are slowed down by their own overly complex security postures that are dominated by multiple-point solutions. However, 88% of companies still feel moderately to very confident in their ability to defend against a cyberattack with their current infrastructure.
According to Cisco, this disparity between confidence and readiness suggests that companies may have misplaced confidence in their ability to navigate the threat landscape and may not be properly assessing the true scale of the challenges they face. “We cannot underestimate the threat posed by our own overconfidence,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Today's organizations need to prioritize investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favor of defenders.”
The problem is escalated by unsecured and unmanaged devices used by employees, which 92% of companies acknowledged. And 48% of those spend one-fifth (20%) of their time logged onto company networks from unmanaged devices. Additionally, 39% reported that their employees hop between at least six networks over a week.
The readiness against the threats is further hampered by critical talent shortages, with 91% of companies highlighting it as an issue. 59% of companies said they had more than ten roles related to cybersecurity unfilled in their organization at the time of the survey.
Lastly, companies are aware of the challenge and are ramping up their defences with 71% planning to significantly upgrade their IT infrastructure in the next 12 to 24 months. This is a marked increase from 51% who planned to do so last year. Most prominently, organizations plan to upgrade existing solutions (70%), deploy new solutions (58%), and invest in AI-driven technologies (60%). Further, 99% of companies expect to increase their cybersecurity budget in the next 12 months, and 95% of respondents say their budgets will increase by 10% or more.
This Index assesses the readiness of companies on five key pillars: Identity Intelligence, Network Resilience, Machine Trustworthiness, Cloud Reinforcement, and AI Fortification, which are comprised of 31 corresponding solutions and capabilities. It is based on a double-blind survey of more than 8,000 private sector security and business leaders across 30 global markets conducted by an independent third party.