Cybersecurity Maturity Report 2023 Reveals global cyberattacks increased by 38%
In 2022, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate security budgets have risen significantly because of the growing sophistication of attacks and the number of cybersecurity solutions introduced into the market. With this rise in threats, budgets, and solutions, how prepared are industries and countries to effectively address today’s cyber risk?
It highlights which industries and countries have the most robust cyber postures and which are lagging, as well as the most prevalent vulnerabilities in today’s cyber threat landscape.
The analysis is based on two years’ worth of data, collected from over 500 organizations in 15 countries, and spanning 11 industries and a range of company sizes. It measures cybersecurity maturity across seven different security domains, including application level security, network level security, identity management and remote access, and more.
Maturity level by country:
Larger Budgets Don’t Necessarily Mean Better Cybersecurity:
Among countries, Norway scored the highest on overall cybersecurity maturity level, followed by Croatia and Japan. Although these countries do not have the substantial cybersecurity budgets of countries such as the US, UK, and Germany, they do have advanced regulatory systems. Other possible reasons that Norway, Croatia, and Japan took the lead include early cybersecurity adoption in these countries and unified planning by governments and organizations. This finding illustrates how large financial investments do not necessarily translate into high maturity levels.
Tech Companies Score Average:
Among sectors, energy and financial industries came out on top for overall cybersecurity maturity level, while healthcare, retail, and government agencies were among the lowest. Surprisingly, the tech industry scored about average, which is possibly because of the larger attack surface such companies typically must defend compared to other sectors.
The average score could also be because tech companies tend to adopt new technologies that could be particularly vulnerable to attacks and exploits. In addition, tech companies tend to experience growth much faster than other sectors, which can be an additional challenge when trying to maintain a strong cyber posture.
Small and Medium Organizations Score Higher Than Large Organizations:
Surprisingly, small- and medium-sized organizations had better cybersecurity maturity scores than organizations with over 10,000 employees. This could be because small organizations may have an easier time protecting their small attack surfaces. With medium-sized organizations, investing in cybersecurity solutions is clearly a priority. When it comes to large organizations, however, having to defend such a large attack surface clearly has an effect on the level of cybersecurity maturity.
Nearly One-Third of Companies Lack Effective Password Policies:
The study found that 32% of organizations were found to have weak password policies—a highly solvable problem that companies apparently have not adequately tackled. In addition, 23% of organizations were found to have weak authentication mechanisms. This is concerning, because the combination of the two issues empowers hackers, who can then simply log in with minimal effort.
- Most Important Cyber Security Tips 2023
- Every Business Owner 10 Essential Cybersecurity Facts Must Know
- New WinRAR Vulnerability Could Allow Hackers to Take Control of Your desktop
- New Attack Campaign Targeting Zimbra Email Users for Credential Theft
- India Passes New Digital Personal Data Protection Bill (DPDPB)