Businesses worldwide are still unprepared for a myriad of cyber attacks, according to the latest Cisco Cybersecurity Readiness Index.
The networking specialist categorizes companies’ cyber readiness as Mature, Progressive, Formative, and Beginner based on what it considers to be the five most important pillars of cybersecurity for businesses today.
These include:
- Identity Intelligence
- Machine Trustworthiness
- Network Resilience
- Cloud Reinforcement
- AI Fortification
According to the report, which is based on a double-blind survey of 8,000 business and cybersecurity leaders, the progressive category has remained static at 26% compared to 2024, while beginner has decreased from 11% to 9%.
There has been a slight increase in the progressive and mature categories, Cisco noted, going from 60% to 61% and 3% to 4% respectively.
Winners and losers
Of the five areas identified as most important by Cisco, two of the most mature and widely used technologies – cloud computing and networking – had some of the lowest levels of ‘mature’ cybersecurity readiness, at 4% and 7%.
Despite being a newer field of technology, AI fortification was on a par with networking in terms of maturity, ranking at 7%, while identity intelligence was ranked at 6%. Machine trustworthiness was the only category to reach double-digits, at 12%.
In terms of which industries have the greatest levels of mature cyber readiness, technology services, media and communications, and natural resources all come in at 6%. At the other end of the scale, at beginner level, are healthcare (14%), wholesaling (15%), and natural resources (16%).
The results for the natural resources industry in particular show that there can be a wide variety of knowledge and preparedness even within a single sector, Cisco said.
AI in the spotlight
AI threats are “a blind spot for many companies”, the report’s authors claim, despite an increase in would-be hackers targeting AI systems through methods such as data poisoning, prompt injection attacks, and model theft.
Exacerbating this problem, only 51% of respondents believe employees within the business are fully aware of AI-related cyber threats. Additionally, 22% say employees are allowed unfettered access to third-party generative AI tools, which carries a variety of security risks.
“Regardless of how employees use AI at work, IT teams have limited visibility and control, with 60% saying they can’t see specific prompts or requests made by employees using GenAI tools,” the report says.
“Unregulated AI deployments, or shadow AI, pose significant cybersecurity and data privacy risks, as it is hard for security teams to monitor and control what they can’t see.”
MORE FROM ITPRO
Source link
-
-
-
-
-
-
-
-
