Only 2% of organizations in the UK are properly resilient against today’s cyber security risks, according to new research from Cisco, worse even than the global figure of 3%.
Nearly three-quarters of UK organizations fall into the Beginner or Formative stages of cyber security readiness, analysis from the tech giant found, with just one-in-fifty achieving the required Mature level.
96% of companies said they expect to increase cyber security budgets in the next 12 months, seven-in-ten said a security incident is likely to disrupt their business in the next 12 to 24 months.
Meanwhile, 54% of respondents said they had experienced a cyber security incident in the last 12 months, with just over half of those affected saying it cost them at least $300,000.
But with 78% of companies saying they feel moderately to very confident in their ability to defend against a cyber attack with their current infrastructure, Cisco suggested that companies may be overconfident and failing to assess the true scale of the challenges they face.
"We cannot underestimate the threat posed by our own overconfidence," said Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco.
"Today's organizations need to prioritize investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favor of defenders."
The traditional approach of adopting multiple cyber security point solutions hasn't been particularly effective, the report found, with three-quarters of respondents admitting that it slowed down their team’s ability to detect, respond, and recover from incidents.
And this is a particular concern, Cisco said, with 69% of organizations revealing they have deployed ten or more point solutions in their security stacks, while 29% said they have 30 or more.
Meanwhile, eight-in-ten companies said their employees access company platforms from unmanaged devices, and 40% of those spend one-fifth of their time logged onto company networks from unmanaged devices.
Another quarter reported that their employees hop between at least six networks over a week.
And progress is being further held up by critical talent shortages, with 85% of companies highlighting it as an issue - indeed, four in ten said they had more than ten roles related to cybersecurity unfilled in their organization at the time of the survey.
The good news is that nearly half of organizations are planning to significantly upgrade their IT infrastructure in the next 12 to 24 months - well up from the 31% who planned to do so last year.
Most prominently, seven in ten plan to upgrade existing solutions, six on ten to deploy new solutions and 55% and invest in AI-driven technologies. Almost all expect to increase their cyber security budget in the next 12 months, with 82% saying their budgets will increase by 10% or more.
-
Enterprises face delicate balancing act with data center sustainability goalsNews High energy consumption, raw material requirements, and physical space constraints are holding back data center sustainability efforts, according to new research from Seagate.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Cisco claims new smart switches provide next-level perimeter defenseNews Cisco’s ‘security everywhere’ mantra has just taken on new meaning with the launch of a series of smart network switches.
-
Cisco is jailbreaking AI models so you don’t have to worry about itNews Cisco's new AI Defense security solution helps organizations shore up LLM security by identifying potential flaws.
-
Cisco dispels Kraken data breach claims, insists stolen data came from old attackNews Cisco has refuted claims it has suffered a data breach after the Kraken threat group posted stolen data online.
-
Cisco patches critical flaws in Identity Services EngineNews Cisco has issued patches for a pair of critical vulnerabilities affecting its Identity Service Engine (ISE).
-
Your office is now absolutely riddled with surveillance equipmentNews While workplace monitoring is shown to have a detrimental effect on morale, many firms are still charging ahead
-
Cisco confirms attackers stole data, shuts down access to compromised DevHub environmentNews The tech giant insists that no sensitive customer information has been compromised
-
Cisco confirms investigation amid data breach claimsNews The networking giant says its probe is ongoing amid claims a threat actors accessed company data
-
Rubrik partners with Cisco to bolster cyber resilience
News Rubrik now integrates with Cisco XDR and is listed on the connectivity giant’s SolutionsPlus program
