Only 27% of organizations in the Philippines have the ‘Mature’ level of readiness needed to be resilient against today’s modern cybersecurity risks, according to Cisco’s first-ever Cybersecurity Readiness Index.
The index has been developed against the backdrop of a post-COVID, hybrid world, where users and data must be secured wherever work gets done. The report highlights where businesses are doing well and where cybersecurity readiness gaps will widen if global business and security leaders don’t take action.
Organizations have moved from an operating model that was largely static – where people operated from single devices from one location, connecting to a static network – to a hybrid world in which they increasingly operate from multiple devices in multiple locations, connect to multiple networks, access applications in the cloud and on the go, and generate enormous amount of data. This presents new and unique cybersecurity challenges for companies.
Cisco Cybersecurity Readiness Index: Resilience in a Hybrid World
Titled, Cisco Cybersecurity Readiness Index: Resilience in a Hybrid World, the report measures the readiness of companies to maintain cybersecurity resilience against modern threats. These measures cover five core pillars that form the baseline of required defenses: identity, devices, network, application workloads, and data, and encompasses 19 different solutions within the pillars.
Conducted by an independent third-party, the double-blind survey asked 6,700 private sector cybersecurity leaders across 27 markets to indicate which of these solutions they had deployed and the stage of deployment. Companies were then classified into four stages of increasing readiness: Beginner, Formative, Progressive and Mature.
- Beginner (Overall score of less than 10): At initial stages of deployment of solutions
- Formative (Score of between 11 – 44): Have some level of deployment, but performing below average on cybersecurity readiness
- Progressive (Score of between 45 – 75): Considerable level of deployment and performing above average on cybersecurity readiness
- Mature (Score of 76 and higher): Have achieved advanced stages of deployment and are most ready to address security risks
Alongside the stark finding that only 27% of companies in the Philippines are at the Mature stage, 43% of companies fall into the Beginner (6%) or Formative (37%) stages. While organizations in the Philippines are faring better than the global average (15% companies in the Mature stage), the number is still very low, given the risks.
This readiness gap is telling, not least because 85% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial as 77% of respondents said they had a cybersecurity incident in the last 12 months, and 38% of those affected said it cost them at least US $500,000.
“The move to a hybrid world has fundamentally changed the landscape for companies and created even greater cybersecurity complexity. Organizations must stop approaching defense with a mix of point tools and instead, consider integrated platforms to achieve security resilience while reducing complexity,” said Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco. “Only then will businesses be able to close the cybersecurity readiness gap.”
Business leaders must establish a baseline of ‘readiness’ across the five security pillars to build secure and resilient organizations. This need is especially critical given that 87% of the respondents plan to increase their security budgets by at least 10 percent over the next 12 months. By establishing a base, organizations can build on their strengths and prioritize the areas where they need more maturity and improve their resilience.
“Organizations in the Philippines are charting a positive trajectory in their digitalization journeys. As the government and organizations in the Philippines fully embrace digitalization in today’s interconnected world, cybersecurity is non-negotiable. The index is a reality check for organizations in the Philipiness and a stark reminder that cybersecurity needs to keep pace with technology advancements,” said Zaza Nicart, Managing Director, Cisco Philippines. “As people operate from multiple devices in multiple locations, connecting to multiple networks in a dynamic hybrid world today, it is crucial for organizations in the Philippines to adopt an integrated platform approach in securing the five core pillars of security to fortify their resilience.
Other key findings of the index include:
Readiness across the five key pillars
- Identity: Only 23% of organizations are ranked Mature
- Devices: This has the highest percentage of companies in the Mature stage at 43%
- Network Security: Companies are lagging on this front with 43% of organizations in the Beginner or Formative stages
- Application Workloads: This is the pillar where companies are the least prepared, with 50% of organizations in the Beginner or Formative stages
- Data: Progress is needed here, as 35% companies are in the Mature stage