According to Cisco's 2024 Cybersecurity Readiness Index, only 3% of organizations have the resilience needed to combat modern cybersecurity threats. Compared to the previous year, when 15% of businesses were considered to have reached a "mature" readiness level, this is a significant decline. Most organizations, or about 71% of them, fall into the "formative" (60%) and "beginner" (11%) categories, with the remaining 26% classified as "progressive." This study examined the cybersecurity posture of 8,136 private sector executives that oversee cybersecurity within their companies. The survey covered five key domains: identity intelligence, machine trustworthiness, network resilience, cloud reinforcement, and artificial intelligence fortification. It was noted that more mature cybersecurity was present in larger enterprises. Interestingly, businesses with more than 1,000 workers were primarily in the mature and progressive categories, whereas smaller businesses (10–249) trailed behind and were primarily in the formative and beginner groups.
Travel services, business services, and manufacturing had the highest cybersecurity maturity levels (4% each), emphasizing how important it is to protect significant amounts of sensitive customer data. On the other hand, the industries with the highest concentration of beginner-stage firms were personal care and services, education, and wholesale. Good news: 91% of respondents said they had seen an increase in cybersecurity funding in the previous year to two, and they expected more budget increases.
Regarding cyber incidents, more than half of the surveyed entities (54%) experienced such an event in the preceding year, with at least $300,000 being spent on 52% of these incidents. The most common attack types were credential stuffing, phishing, and malware. The expectation of potential disruptions due to cyber incidents in the forthcoming 12-24 months was high, at 73%. External threats were identified as the primary concern by 62% of respondents, a significant shift from the previous year's perspective, which gave almost equal weight to internal and external threads. With 46% of firms having more than 10 open cybersecurity roles at the time of the study, the report also brought attention to a serious skills gap in the field.
Separately, research released by Microsoft on March 18 revealed that only 13% of UK firms are sufficiently ready for cyberattacks, with the remaining at vulnerable (48%) or at high risk (39%) of experiencing serious cyber events.
Gain essential cybersecurity skills and industry-recognized certifications through our intensive bootcamp, equipping you with the expertise to protect against digital threats. Join now to launch your career in one of the fastest-growing sectors in technology.