At a time where enterprise cyber risk is omnipresent, IT professionals operate in a heightened state of alert. Organizations are cognizant of the fact that they are not only being targeted by cybercriminals but an intrusion is more likely than not to occur.
With this in mind, Cisco conducted its third annual Security Outcomes research to get a sense of what is working for organizations as they strategize to defend their enterprises against a relentless threat environment.
Go deeper with GlobalData
Cyber resilience a crucial concern
The high-level takeaway is that IT departments are making powering through security incidents, not just recovering from them, a top priority with 96% of the 4700 companies surveyed calling cyber resilience a crucial concern for their business. Security resilience, defined as the ability to protect the integrity of every aspect of the business against threats and unexpected conditions, has become a prime objective.
But in many cases, this aim is aspirational, with more than half of those surveyed saying that they had suffered an incident that interrupted business operations, reported network and/or data breaches, or experienced network and/or system outages. Ransomware-related and DDoS attacks were the next most frequently named events, each impacting about 46%.
These incidents affected operations in a number of ways. More than 60% said the events disrupted communications and IT operations. 43% observed events interfered with supply chain operations. Internal operations were interrupted for 41% of the surveyed organizations. And nearly 40% said security incidents had a lasting negative impact on their corporate brand.
A major takeaway from the survey findings is that security resilience is determined by a number of factors around effective policies, best practices, and a strong security infrastructure based on a Zero Trust architectural approach. Having executive buy-in with respect to both investment and practices is essential to achieving a high level of resilience, with those organizations earning a 39% higher resilience score than their counterparts with limited backing. An important part of this investment is in staffing. Enterprises with sufficient personnel resources scored a 15% higher resilience outcome than those with staffing limitations.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataSecurity resilience is determined by a number of factors
Some of the challenges associated with security resilience are related to the complexity or transitory nature of enterprise infrastructures. Those who either described their infrastructure as primarily on-premise or mostly cloud-based had almost equally high resilience outcomes. But organizations in the early stages of migrating to the cloud scored significantly lower.
Security technology also obviously plays an important part in achieving a high level of security resilience. Organizations that deployed a complete Zero Trust architectural model scored 30% higher in resilience than those without. Integrating network and security together via a secure access services edge (SASE) model helped enterprises drive 27% better resilience scores.
Ultimately, approaching security as an essential element to maintaining operational stability and consistency is not only pragmatic but also should produce better results. These outcomes will be demonstrated through increased productivity, better performance, and greater efficiencies.
