Corporate cyber maturity levels

Issue 2/3 2023 News & Events, Information Security

A mere 19% of organisations in South Africa have the ‘Mature’ level of readiness needed to be resilient against today’s modern cybersecurity risks, according to Cisco’s first-ever Cybersecurity Readiness Index (www.securitysa.com/*cisco5). The index was developed against the backdrop of a post-COVID, hybrid world, where users and data must be secured wherever work is done. The report highlights where businesses are doing well and where cybersecurity readiness gaps will widen if global business and security leaders do not take action.

Organisations have moved from an operating model that was largely static – where people operated from single devices from one location, connecting to a static network – to a hybrid world in which they increasingly operate from multiple devices in multiple locations, connect to multiple networks, access applications in the cloud and on the go, and generate enormous amount of data. This presents new and unique cybersecurity challenges for companies.

Resilience in a hybrid world

Titled, Cisco Cybersecurity Readiness Index: Resilience in a Hybrid World, the report measures the readiness of companies to maintain cybersecurity resilience against modern threats. These measures cover five core pillars that form the baseline of required defences: identity, devices, network, application workloads, and data, and encompasses 19 different solutions within the pillars.

Conducted by an independent third party, the double-blind survey asked 6700 private sector cybersecurity leaders, across 27 markets, to indicate which of these solutions they had deployed, and the stage of deployment. Companies were then classified into four stages of increasing readiness: Beginner, Formative, Progressive and Mature.

Findings

Alongside the stark finding that only 19% of companies in South Africa are at the Mature stage, 52% of companies fall into the Beginner (8%) or Formative (44%) stages. While organisations in South Africa are faring better than the global average (15% of companies in the Mature stage), the number is still very low given the risks.

This readiness gap is telling, not least because 65% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial, as 57% of respondents said they had had a cybersecurity incident in the last 12 months and 17% of those affected said it cost them at least $500 000.

“The move to a hybrid world has fundamentally changed the landscape for companies and created even greater cybersecurity complexity. Organisations must stop approaching defence with a mix of point tools and instead, consider integrated platforms to achieve security resilience while reducing complexity,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Only then will businesses be able to close the cybersecurity readiness gap.”

Business leaders must establish a baseline of ‘readiness’ across the five security pillars to build secure and resilient organisations. This need is especially critical given that 78% of the respondents plan to increase their security budgets by at least 10% over the next 12 months. By establishing a base, organisations can build on their strengths and prioritise the areas where they need more maturity, thereby improving their resilience.

“With highly distributed teams and devices leading to a rapidly expanding attack surface, achieving security resilience must remain a top priority. Cisco’s Cybersecurity Readiness Index provides a clear picture of what businesses have been doing to protect their operations across South Africa and, more importantly, what steps still need to be taken to deliver secure, seamless online environments,” said Conrad Steyn, CTO and Head of Engineering at Cisco Sub-Saharan Africa.

Other key findings of the index with respect to readiness across the five key pillars include:

• Identity: Progress is needed here as 62% of organisations are in the Beginner or Formative stages.

• Devices: This has the highest percentage of companies in the Mature stage at 44%.

• Network Security: Companies are lagging on this front with 53% of organisations in the Beginner or Formative stages.

• Application Workloads: This is the pillar where companies are the least prepared, with 59% of organisations in the Beginner or Formative stages.

• Data: This has the second-highest number of companies in the Mature stage (27%).




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Pentagon appointed as Milestone distributor
Elvey Security Technologies News & Events Surveillance
Milestone Systems appointed Pentagon Distribution (an Elvey Group company within the Hudaco Group of Companies) as a distributor. XProtect’s open architecture means no lock-in and the ability to customise the connected video solution that will accomplish the job.

Read more...
SMART Estate Security returns to KZN
Nemtek Electric Fencing Products Technews Publishing Axis Communications SA OneSpace Editor's Choice News & Events Integrated Solutions IoT & Automation
The second SMART Estate Security Conference of 2024 was held in May in KwaZulu-Natal at the Mount Edgecombe Estate Conference Centre, which is located on the Estate’s pristine golf course.

Read more...
From the editor's desk: Just gooi a cable
Technews Publishing News & Events
      Welcome to the 2024 edition of the SMART Estate Security Handbook. We focus on a host of topics, and this year’s issue also has a larger-than-normal Product Showcase section. Perhaps the vendors are ...

Read more...
Secutel wins OSPA Award for Outstanding New Security Product
Secutel Technologies News & Events Access Control & Identity Management
[Sponsored] Secutel Technologies’ NoKey Access Control solution won the Outstanding New Security Product category at the 2024 OSPAs in South Africa. The awards were presented at Securex 2024 where all category finalists were recognised for their contribution to the security industry.

Read more...
ONVIF launches new working groups for cloud, metadata and audio
News & Events Surveillance
ONVIF, the global standardisation initiative for IP-based physical security products, is announcing the formation of three new working groups to tackle standardisation work in cloud connectivity, audio, and advanced metadata.

Read more...
Inaugural Gallagher Security Johannesburg networking roadshow
Gallagher News & Events
Held at Johannesburg’s Foghound Coffee Company in Midrand from 11 to 12 June, security industry professionals gather at the inaugural Gallagher Security Johannesburg Networking Roadshow.

Read more...
Trend Micro launches first security solutions for consumer AI PCs
Information Security News & Events
Trend Micro unveiled its first consumer security solutions tailored to safeguard against emerging threats in the era of AI PCs. Trend will bring these advanced capabilities to consumers in late 2024.

Read more...
Dallmeier receives ISO 27001 certification
Dallmeier Electronic Southern Africa Surveillance News & Events
Dallmeier has received ISO 27001 certification for its Information Security Management System (ISMS). The international standard for information security management ensures that companies meet the highest standards of data protection and data security.

Read more...
AI and ransomware: cutting through the hype
AI & Data Analytics Information Security
It might be the great paradox of 2024: artificial intelligence (AI). Everyone is bored of hearing it, but we cannot stop talking about it. It is not going away, so we had better get used to it.

Read more...
Local manufacturing is still on the rise
Hissco Editor's Choice News & Events Security Services & Risk Management
HISSCO International, Africa's largest manufacturer of security X-ray products, has recently secured a multi-continental contract to supply over 55 baggage X-ray screening systems in 10 countries.

Read more...