KUALA LUMPUR (March 29): Only 2% of organisations in Malaysia have the “mature” level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco’s 2024 Cybersecurity Readiness Index.

The 2024 Cisco Cybersecurity Readiness Index was developed in an era defined by hyperconnectivity and a rapidly evolving threat landscape.

In a statement on Thursday (March 28), the US digital communications technology conglomerate highlighted the findings from the study with regard to Malaysia:

— 77% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12- to 24 months.

Cisco explained that the cost of being unprepared can be substantial, as 73% of respondents said they experienced a cybersecurity incident in the last 12 months, and 44% of those affected said it cost them at least US$300,000.

The traditional approach of adopting multiple cybersecurity point solutions has not delivered effective results, as 87% of respondents admitted that having multiple point solutions slowed down their team’s ability to detect, respond and recover from incidents.

Cisco said companies today continue to be targeted with a variety of techniques that range from phishing and ransomware, to supply chain and social engineering attacks.

It said they still struggle to defend against them, slowed down by their own overly complex security postures that are dominated by multiple point solutions.

Cisco said these challenges are compounded in today’s distributed working environments, where data can be spread across limitless services, devices, applications and users.

However, it said 85% of companies still feel moderately confident to very confident in their ability to defend against a cyberattack with their current infrastructure — this disparity between confidence and readiness suggests that companies may have misplaced confidence in their ability to navigate the threat landscape and may not be properly assessing the true scale of the challenges they face.

Cisco’s Index assesses the readiness of companies on five key pillars: identity intelligence, network resilience, machine trustworthiness, cloud reinforcement, and AI fortification, which are comprised of 31 corresponding solutions and capabilities.

It is based on a double-blind survey of more than 8,000 private sector security and business leaders across 30 global markets, conducted by an independent third party.

The respondents were asked to indicate which of these solutions and capabilities they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness: beginner, formative, progressive and mature.

Cisco executive vice president and general manager of security and collaboration Jeetu Patel said the threat posed by internal overconfidence cannot be underestimated.

“Today’s organisations need to prioritise investments in integrated platforms and lean into AI, in order to operate at machine scale and finally tip the scales in the favour of defenders,” said Patel.