2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks

1 year ago AndyC

Mar
23,
2023The
Hacker
News

In
2022
alone,
global
cyberattacks
increased
by
38%,
resulting
in
substantial
business
loss,
including
financial
and
reputational
damage.

2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks



Mar
23,
2023The
Hacker
News


2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks

In
2022
alone,
global
cyberattacks
increased
by
38%,
resulting
in
substantial
business
loss,
including
financial
and
reputational
damage.
Meanwhile,
corporate
security
budgets
have
risen
significantly
because
of
the
growing
sophistication
of
attacks
and
the
number
of
cybersecurity
solutions
introduced
into
the
market.
With
this
rise
in
threats,
budgets,
and
solutions,
how
prepared
are
industries
and
countries
to
effectively
address
today’s
cyber
risk?

CYE’s
new

Cybersecurity
Maturity
Report
2023
tackles
this
question
by
shedding
light
on
the
strength
of
cybersecurity
in
different
sectors,
company
sizes,
and
countries.
It
highlights
which
industries
and
countries
have
the
most
robust
cyber
postures
and
which
are
lagging,
as
well
as
the
most
prevalent
vulnerabilities
in
today’s
cyber
threat
landscape.

The
analysis
is
based
on
two
years’
worth
of
data,
collected
from
over
500
organizations
in
15
countries,
and
spanning
11
industries
and
a
range
of
company
sizes.
It
measures
cybersecurity
maturity
across
seven
different
security
domains,
including
application
level
security,
network
level
security,
identity
management
and
remote
access,
and
more.

Here
are
the
top
findings:


Cybersecurity Maturity Report

Finding
#1:
Larger
Budgets
Don’t
Necessarily
Mean
Better
Cybersecurity

Among
countries,
Norway
scored
the
highest
on
overall
cybersecurity
maturity
level,
followed
by
Croatia
and
Japan.
Although
these
countries
do
not
have
the
substantial
cybersecurity
budgets
of
countries
such
as
the
US,
UK,
and
Germany,
they
do
have
advanced
regulatory
systems.
Other
possible
reasons
that
Norway,
Croatia,
and
Japan
took
the
lead
include
early
cybersecurity
adoption
in
these
countries
and
unified
planning
by
governments
and
organizations.
This
finding
illustrates
how
large
financial
investments
do
not
necessarily
translate
into
high
maturity
levels.


Cybersecurity Maturity Report

Finding
#2:
Tech
Companies
Score
Average

Among
sectors,
energy
and
financial
industries
came
out
on
top
for
overall
cybersecurity
maturity
level,
while
healthcare,
retail,
and
government
agencies
were
among
the
lowest.
Surprisingly,
the
tech
industry
scored
about
average,
which
is
possibly
because
of
the
larger
attack
surface
such
companies
typically
must
defend
compared
to
other
sectors.

The
average
score
could
also
be
because
tech
companies
tend
to
adopt
new
technologies
that
could
be
particularly
vulnerable
to
attacks
and
exploits.
In
addition,
tech
companies
tend
to
experience
growth
much
faster
than
other
sectors,
which
can
be
an
additional
challenge
when
trying
to
maintain
a
strong
cyber
posture.

Finding
#3:
Small
and
Medium
Organizations
Score
Higher
Than
Large
Organizations

Surprisingly,
small-
and
medium-sized
organizations
had
better
cybersecurity
maturity
scores
than
organizations
with
over
10,000
employees.
This
could
be
because
small
organizations
may
have
an
easier
time
protecting
their
small
attack
surfaces.
With
medium-sized
organizations,
investing
in
cybersecurity
solutions
is
clearly
a
priority.
When
it
comes
to
large
organizations,
however,
having
to
defend
such
a
large
attack
surface
clearly
has
an
effect
on
the
level
of
cybersecurity
maturity.

Finding
#4:
Nearly
One-Third
of
Companies
Lack
Effective
Password
Policies

The
study
found
that
32%
of
organizations
were
found
to
have
weak
password
policies—a
highly
solvable
problem
that
companies
apparently
have
not
adequately
tackled.
In
addition,
23%
of
organizations
were
found
to
have
weak
authentication
mechanisms.
This
is
concerning,
because
the
combination
of
the
two
issues
empowers
hackers,
who
can
then
simply
log
in
with
minimal
effort.


Click
here
to
download
the
full
report.

Recommendations
for
Better
Cybersecurity
Maturity

The
overall
takeaway
from
the
report
is
that
most
organizations
are
not
adequately
prepared
for
the
threat
of
cyberattacks.
However,
organizations
can
still
achieve
a
high
cybersecurity
maturity
posture
without
a
large
budget,
if
they
plan
and
spend
correctly.

To
protect
themselves,
organizations
should
invest
in
capabilities,
rather
than
tools;
perform
comprehensive
assessments
to
prevent
hackers
from
exploiting
vulnerabilities;
and
develop
an
integrated
approach
to
cybersecurity
with
board-level
accountability.
Cybersecurity
optimization
solutions
such
as
CYE
can
help
by
combining
technology,
people,
and
processes
to
manage
organizational
cyber
risk
and
perform
cyber
risk
quantification
to
understand
threats
and
prioritize
mitigation.


Schedule
a
demo
to
see
how
you
can
improve
your
cybersecurity
maturity.

Found
this
article
interesting?
Follow
us
on

Twitter


and

LinkedIn
to
read
more
exclusive
content
we
post.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

More Stories

Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns

2 hours ago AndyC
Chinese Nationals Arrested for Laundering Million in Pig Butchering Crypto Scam

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam

20 hours ago AndyC
Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide

20 hours ago AndyC
Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

3 days ago AndyC
New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs

3 days ago AndyC
China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

3 days ago AndyC

You may have missed

Grandoreiro Banking Trojan is back and targets banks worldwide

Grandoreiro Banking Trojan is back and targets banks worldwide

2 hours ago AndyC
Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns

Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns

2 hours ago AndyC
Sekuro Appoints its First Federal Government Security Advisor

Sekuro Appoints its First Federal Government Security Advisor

8 hours ago AndyC
Weekly Update 400

Weekly Update 400

8 hours ago AndyC
Macquarie Uni to spend up to 0m on 10-year digital transformation

Macquarie Uni to spend up to $700m on 10-year digital transformation

11 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.