Few M’sian firms ready for evolving threats
Cisco study shows companies still face attacks like phishing, ransomware, and social engineering
Only 2% of organisations in Malaysia have the “Mature” level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco’s 2024 Cybersecurity Readiness Index.
The 2024 Cisco Cybersecurity Readiness Index was developed in an era defined by hyperconnectivity and a rapidly evolving threat landscape. Companies today continue to be targeted with a variety of techniques that range from phishing and ransomware to supply chain and social engineering attacks. And while they are building defenses against these attacks, they still struggle to defend against them, slowed down by their own overly complex security postures that are dominated by multiple point solutions.
These challenges are compounded in today’s distributed working environments where data can be spread across limitless services, devices, applications, and users. However, 85% of companies still feel moderately to very confident in their ability to defend against a cyberattack with their current infrastructure – this disparity between confidence and readiness suggests that companies may have misplaced confidence in their ability to navigate the threat landscape and may not be properly assessing the true scale of the challenges they face.
“We cannot underestimate the threat posed by our own overconfidence,” said Jeetu Patel, executive vice-president and general manager of security and collaboration at Cisco. “Today’s firms need to prioritise investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favour of defenders.”
Overall, the study found that only 2% of companies in Malaysia are ready to tackle today’s threats, with more than half (66%) of organisations falling into the Beginner or Formative stages of readiness. Globally, 3% of companies are at a Mature stage.
Some 77% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months. The cost of being unprepared can be substantial, as 73% of respondents said they experienced a cybersecurity incident in the last 12 months, and 44% of those affected said it cost them at least US$300,000 (RM1.4 million).
It was also revealed that companies are aware of the challenge and are ramping up their defenses with over half (59%) planning to significantly upgrade their IT infrastructure in the next 12 to 24 months.
To overcome the challenges of today’s threat landscape, firms must accelerate meaningful investments in security including adoption of innovative security measures and a security platform approach, strengthen their network resilience, establish meaningful use of generative AI, and ramp up recruitment to bridge the cybersecurity skills gap.
“The threat landscape today is more complicated than ever and organisations globally including those in Malaysia continue to lag in their cyber resilience. Companies need to adopt a platform approach that will provide a simple, secure, single pane of glass view into their entire architecture to strengthen their security posture and best take advantage of the opportunities that come with emerging technologies,“said Hana Raja, managing director Cisco Malaysia.