A new report surveying 4,700 cybersecurity leaders from 26 countries has disclosed what it says makes for a successful security posture for businesses.
In the third volume of its Security Outcomes Report, Cisco focused on the impact cultural, environmental, and solution-based factors have on security, and in the process identified seven key factors that bolster business cybersecurity.
The study also looked into the most common security threats that companies face, with nearly two-thirds (62%) of respondents conceding they had experienced a ‘security event’ at some point that negatively affected operations.
Seven factors
The most commonly cited types of such incidents were network and data breaches, system outages, ransomware and distributed denial of service (DDoS) attacks.
The main ways these affected businesses were interrupting IT communications (62.6%), disrupting supply chain (43%), impairing internal operations (41.4%) and negatively impacting brand image (39.7%).
In scoring businesses for their resilience to attacks, Cisco identified seven factors adopted by those that ranked in the top 90th percentile. On the flipside, those that lacked them ranked in the bottom 10th percentile.
The first three factors relate to leadership, company culture and resourcing. Unsurprisingly, those that had a good general security culture scored 46% higher than those without, and organizations with poor C-suite support scored 39% lower than those with good support.
Companies that had more staff and resources to deal with security events performed 15% better too.
The fourth factor concerns the transition to cloud computing, which businesses are increasingly adopting. Those that were firmly seated in either physical or cloud-based IT were nearly identical in their high resilience scores. However, those that were starting to transition from on-premise to cloud computing were most at risk, with scores dropping by up to 14%.
The final three factors concern the use of advanced security solutions. Companies that adopted zero-trust systems had a 30% increase in resilience scores, and those who were prepared for security threats with advanced detection and response protocols had a huge 45% increase. Those using cloud-based security for their hybrid working transition also saw an increase in scores by 27%.
