The state of cybersecurity resilience now
In our annual survey among 4,744 global respondents around the current state of
cybersecurity resilience, we found 85% of CISOs agree or strongly agree that the
cybersecurity strategy is developed with business objectives, such as growth or
market share, in mind. Yet, 81%, also said that “staying ahead of attackers is a
constant battle and the cost is unsustainable” compared with 69% in 2020.
Cyber attacks are up: There were on average 270 attacks per company
over the year, a 31% increase over 2020. Third-party risk continues to dominate:
successful breaches to the organization through the supply chain have increased from
44% to 61%.
Security investment continues to rise: More than 80% of our survey
respondents say their budgets have increased in the last year. IT security budgets
are now up to 15% of all IT spending,
5 percentage points higher than reported
Cloud still has a complex relationship with security: Despite most
respondents believing in secure cloud, 32% say security is not part of the
cloud discussion from the outset and they’re trying to catch up. Reasons preventing
take-up of the cloud revolve around security issues:
about one-third of all
respondents say poor governance and compliance is a problem, that cloud security is
too complex and that they do not have the internal skills to structure a proper
cloud security framework.