2024 Cisco Cybersecurity Readiness Index

Underprepared and Overconfident: Companies Tackle an Evolving Landscape

Cisco’s second annual Cybersecurity Readiness Index is an updated guide that addresses the current global cybersecurity landscape and assesses how ready organizations are to face today’s cybersecurity risks.

Download full report
Are companies prepared to face today’s cybersecurity risks?

In an era of hyperconnectivity, artificial intelligence (AI), distributed work environments, and advanced threat actors, companies face a complicated and diverse threat landscape that goes far beyond ransomware and phishing. In fact:

have experienced a cybersecurity incident in the past year.
believe a cybersecurity incident will disrupt their business in the next 12-24 months.

Despite this, only 3% of organizations are assessed as having a Mature stage of cybersecurity readiness in 2024. Additionally, 71% of organizations fall in the two least prepared categories.

The Cybersecurity Readiness Index provides a comprehensive view of what organizations need to tackle, in order to address the security challenges of the modern world. We found that the evolving threat landscape, resource challenges, and complexity of networks, cloud and applications are taking a toll on today's organizations.

Man is working in data center with laptop Man is working in data center with laptop Man is working in data center with laptop
Measuring Readiness

Cisco surveyed over 8,000 private sector business leaders who have cybersecurity responsibilities in their organizations across 30 global markets to gain insight into cybersecurity readiness based on the five pillars that are most relevant to securing today’s organizations:






Diverse group of professionals meeting in modern office Diverse group of professionals meeting in modern office Diverse group of professionals meeting in modern office
What do organizations need in order to improve their cybersecurity resilience?

To successfully face this high-stakes, complex environment, all five pillars of security need to be protected and work in harmony; otherwise, organizations risk being a greater target for bad actors.

The good news is that organizations realize they need to act, with over half (52%) planning to significantly upgrade their IT infrastructure in the next one to two years. Most prominently, organizations plan to upgrade existing solutions (66%), deploy new solutions (57%), and invest in AI-driven technologies (55%).

Additionally, 97% of companies expect to increase security budgets as they see a rise in risks due to digitization, a growth in types of attacks and threats, and a heavy financial impact. In fact, over half (52%) plan to increase their cybersecurity budgets by 11-30% in 2024.

As the sophistication, scale, and frequency of cybersecurity threats grow, readiness must be a priority for all organizations, and deployment of solutions needs to be accelerated even further. For companies looking to up their cybersecurity game, Cisco has outlined recommendations based on key findings:

Headshot Jeetu Patel

Jeetu Patel

EVP and General Manager, Security and Collaboration

We cannot underestimate the threat posed by our own overconfidence. Today's organizations need to prioritize investments in integrated platforms and lean into AI in order to operate at machine scale and finally tip the scales in the favor of defenders.
The 2024 Cisco Cybersecurity Readiness Index is based on a double-blind survey of 8,136 private sector business leaders who have cybersecurity responsibilities in their organizations.

The organizations cover 30 territories in North America, Latin America, EMEA and Asia Pacific: Australia, Brazil, Canada, China, Europe, France, Germany, Hong Kong, India, Indonesia, Italy, Japan, Malaysia, Mexico, Netherlands, New Zealand, Philippines, Poland, Saudi Arabia, Singapore, South Africa, South Korea, Spain, Sweden, Switzerland, Taiwan, Thailand, UAE, UK, USA, and Vietnam.

We looked at 31 different solutions across the five core pillars of cybersecurity protection: identity intelligence, machine trustworthiness, network resilience, cloud reinforcement, and AI fortification. Respondents were asked to indicate which of these they had deployed, the stage of deployment, and if these solutions were not already deployed then what budgets had been approved, and the intended timeline of deployment.

Each solution was assigned individual weightings based on its relative importance in helping safeguard the applicable pillar. The scores for each organization were then derived based on the stage of deployment of various solutions under each of the five pillars, with partially deployed solutions assigned a 50% weighting and fully deployed solutions weighted at 100%.

The scores for each pillar are then combined and weighted to arrive at an overall cybersecurity readiness score for each organization. The importance of each pillar was weighted as Identity Intelligence (25%); Network Resilience (25%); Machine Trustworthiness (20%); Cloud Reinforcement (15%); and AI Fortification (15%).

The respondents are drawn from 18 industries: business services; construction; education; engineering, design, architecture; financial services; healthcare; manufacturing; media & communications; natural resources; personal care & services; real estate; restaurant services; retail; technology services; transportation; travel services; wholesale and ‘others.’

The Index is based on a double-blind survey carried out by an independent research company between January and February 2024.