Cisco SecurityBlogSecurity TransformationCisco
Blog • • 9 minute read

WWT's Take on Cisco Cybersecurity Readiness Index

At the end of March of 2024, Cisco published a comprehensive Cybersecurity Readiness Index that contained information about how prepared organizations are for modern cyber threats. This post highlights WWT's perspective on the five key areas of the report: identity, machine trust, network, cloud and AI protections.

Three, just three percent. That's the number of respondent organizations deemed to have a mature level of preparedness. Just 3%. Between 2023 and 2024 the Cisco Cybersecurity Index has dropped from 15% of organizations to 3% of organizations in the mature category... That's a big drop, but it's to be expected when dealing with the modern threats of AI Fortification, Machine Trustworthiness, and Identity Intelligence. Couple that with "Almost half (46%) of the companies said they had more than 10 unfilled cybersecurity roles on their teams at the time of our survey." That's a staggering number of unfulfilled jobs! If you're finding yourself in that position, please reach out to WWT Services they can help!

 Another reason for the low maturity percentage is the complexities of organizations, "four in five companies (80%) admit that having multiple point solutions is slowing down their team's ability to detect, respond to, and recover from incidents." It's always been tricky to get all the best-of-breed products to work together, and most organizations can no longer afford a specialist, or even find a specialist, to run that one security product in the corner. Finally, "nearly one in three (29%) employees move between at least six networks weekly… Four out of five organizations (82%) cite remote logins as a heightened threat vector." Remote logins are one of the reasons why Identity has seen a rework this year. 

Throughout 2023 Identity has been a problem. Last year Identity Management was recognized as "the most critical area by our respondents." This year, the bar for identity has increased even further, with Identity Intelligence adding requirements like "Cross-contextual Identity Posture" and "Cross-contextual Identity Analytics." We've also seen the addition of "Identity Behavior" and an increased focus on "Identity Anomalies."  These additions make Identity maturity much more difficult than last year, and it shows in the results. With only 5% of organizations reaching the mature rank (compared to 20% in the Mature category last year). "It is not enough to know just who is trying to access network resources, but practitioners also need to understand the context of each access request." This shift in Identity Intelligence is in line with the 2023 attack popularity seen by TALOS. Valid Accounts were the second-highest volume of attack techniques seen in 2023. Blocking valid credentials is where Identity Posture and Identity Analytics play a vital role for a modern organization. Identity is also tricky to get right, and all-encompassing in an organization.  

*source: 2023 Talos Year in Review

WWT's identity strategy and services focus on understanding, managing, and documenting the ecosystems of employees, customers, contractors and connected devices within an organization. This strategy allows organizations to provide fast and seamless access to corporate assets while protecting against insider threats, compliance violations and fraud. 

Moreover, WWT has made significant investments in its security capabilities and practice, positioning itself to benefit from the growth in the security market. This includes the Identity & Access Management focus area, which is relevant to most of the Great 8 Campaigns. WWT also offers an IAM Assessment to reduce risk and a briefing tailored for senior security and business leaders seeking to enhance their organization's IAM capabilities. Furthermore, WWT's Active Directory Strategy Accelerator develops a plan to modernize and mature active directory, preparing organizations to support new identity requirements.

"According to industry estimates, billions of new devices are expected to get connected over the next few years, generating data running into zettabytes. These range from soil moisture detectors, connected microscopes, plant machinery, and even door security systems." Each one of these new devices can be an entry point into a network. This is the reason that Machine Trustworthiness is so important. Six years ago, I remember an outrageous story about a Casino getting hacked via a fish tank thermometer… That was six years ago, and the hacks on IOT devices have just gotten better since. The Cyber Security Readiness Index said, "Only 7% of companies are in the Mature category in the [Machine Trustworthiness] pillar and a further 21% are in the Progressive category." With the number of devices continuing to grow WWT is committed to helping organizations gain visibility and strategy for the IOT devices on their network.

As OT assets increasingly merge with traditional IT environments, organizations must be aware of the risks to intellectual property, customer data, and operational infrastructures, while still prioritizing uptime and staff safety. OT Security prioritization includes everything from physical building access systems and building protection to industrial control systems (ICS). WWT's OT Security specialization aims to manage these risks by ensuring continuous operations of physical systems. OT teams are encouraged to become more self-reliant in their understanding of security and network visibility so they can detect and identify anomalies. This approach helps to optimize both security and industrial goals, allowing OT leaders to manage and apply security policies independently.

Another category that we saw again this year in the Cybersecurity Readiness Index is Network Security. However, this category has also been enhanced with more modern requirements. 

Since "employees need to be able to roam across multiple networks throughout their day, [modern] network is more vulnerable to cyberattacks" more than ever before. Most organizations have "opted to use firewalls with built-in Intrusion Prevention Systems (IPS). Nearly three-quarters (74%) of firms surveyed said they had deployed this capability."  This has increased from 63% just a year ago. The challenges are in the micro-segmentation category. Where only 37% of companies have implemented micro-segmentation, and of those 46% admit to only a partial deployment. As a result, only "7% of companies are in the Mature category, and 30% are in the Progressive stage of readiness in this pillar." 

WWT's networks security services are designed to provide comprehensive protection for your network, given that it is the backbone of your organization's operations and touches every aspect of your business. These services encompass a range of areas, including firewalls, segmentation, micro-segmentation, visibility into encryption, and network behavior anomaly detection and setup. In terms of segmentation and micro-segmentation, WWT helps organizations implement strategies to manage the risks associated with flat networks. By grouping applications and applying security policies based on risks, WWT can limit access to potential threats. This approach enhances security posture by providing comprehensive visibility into lateral movements within the network, allowing for the detection and addressing of threats across internal network segments

Cloud Security is one of those categories that becomes increasingly complex the more you look into it. I know I get overwhelmed just looking at all the possible solutions in this space. "Based on the state of deployment of various capabilities, the majority of organizations fall into the Beginner (27%) or Formative (54%) categories for Cloud Reinforcement, with only 15% qualifying as Progressive and 4% as Mature" for Cloud Security. "International Data Corporation (IDC) projects that 750 million cloud-native applications will be created globally by 2025." (source) According to the index "78% of IT professionals globally feel that their organization is vulnerable to a multistage security attack that would affect the full application stack over the next 12 months." Securing a home-grown application (regardless of where it resides) requires a multi-prong approach with security shifting left in the development cycle, and expanding protections to the right in the development cycle as well. 

WWT's application security practice addresses key challenges such as managing and mitigating vulnerabilities in applications, implementing and enforcing secure coding practices and standards, and managing the security risks associated with third-party and open-source software components. The practice also emphasizes the importance of "shifting left," incorporating security measures such as secure coding, threat modeling, security testing, and code reviews in the initial phases of the software development lifecycle.

Finally, Cisco has added the AI Readiness category to this year's Index. "AI has also been leveraged by bad actors to wreak havoc on unprepared targets. As such, integrating AI into frontline defenses has become a critical ingredient to cybersecurity readiness." AI gone wrong has been a noisy front for cybersecurity departments in 2024. The sheer scale of these attacks is terrifying, and combining generative AI with phishing, and even vishing, is something that isn't going away. However, the AI integrations to the other four pillars (Identity, Machine Trust, Network and Cloud) are slow, and in some cases nonexistent, for the blue team side of this equation. Thus, "the nascent stage of AI's integration across cybersecurity functions explains why organizations at the Formative (42%) stage account for most of our survey respondents, followed by 46% Progressive, and [just] 7% Mature" of the organizations surveyed.  

WWT's leadership has recognized the transformative potential of Artificial Intelligence (AI) in the realm of security and has been actively guiding and facilitating the integration of AI into security technologies over the past year. This commitment is evident in the numerous initiatives and services that WWT has developed and offered to its customers. WWT's AI security practice addresses the new enterprise risks that have emerged with the rapid global adoption of AI, as well as the opportunities that AI provides for customers to become more effective security practitioners. This includes areas such as reporting, researching, scripting, policy management, vulnerability management, and identity and access management. WWT also offers services such as risk assessments, vulnerability management, and implementation to assist customers in their AI security journey.

Through thought leadership and innovation, we craft scalable solutions that demystify the complex, driving business-focused transformation that delivers our customers' outcomes securely. This is our goal at WWT, to help organizations always consider security with any new or existing solution proposed. The cybersecurity threats are real, and the attacks are costly. "Organizations are starting to take action with over half (52%) planning to significantly upgrade their IT infrastructure in the next 12-24 months," a marked increase from 2023 when just one-third (33%) planned to do so. This increase in budget is across all the domains of cybersecurity, and across all global markets, and industry verticals, is desperately needed. 

We're here to help secure organizations against this next generation of security threats. 

 

Technologies