Cisco’s 2024 Cybersecurity Readiness Index offers a timely look at how prepared diverse industries are to face a cyberattack. The report surveyed 8,136 private sector business leaders with cybersecurity responsibilities across 18 industries in 30 territories in North America, Latin America, EMEA, and Asia Pacific.

Kicking off with an alarming tagline – “Underprepared and Overconfident Companies Tackle an Evolving Landscape” – the report contains a lot of important information. Here are 5 of our takeaways.

1. Slow Progress in Cybersecurity Readiness

Although the index highlights how organizations recognize cybersecurity threats, the lack of readiness is substantial:

“This lack of readiness is substantial despite almost three-quarters of companies (73%) believing a cybersecurity incident will disrupt their business in the next 12-24 months. What is surprising, though, is that despite this lack of readiness, 80% of companies feel moderately to very confident in their ability to stay resilient amidst this evolving cybersecurity landscape. While this number is down from last year, it does underline a gap that suggests companies may have misplaced confidence in their ability to navigate the threat landscape and are not properly assessing the true scale of the challenges they face.”

It's alarming that only 3% of organizations achieved a “Mature” cybersecurity readiness level in 2024 when cyberattacks are rising – especially against manufacturers.

2. Complexity as an Impediment to Effective Cybersecurity

Dutch computer scientist Edsger W. Dijkstra is quoted as having said, “Simplicity is a prerequisite for reliability.” Wise words from the Turing Award winner.

The same can be said for cybersecurity. However, the index highlights how detrimental complexity is to cybersecurity efforts. The proliferation of disparate tools and technologies has created a cybersecurity labyrinth that makes management and integration particularly challenging.

“While companies race to ramp up resources, the complexity of their security stack is further slowing them down or making their responses less efficient. More than two-thirds (67%) of companies said they have more than 10 point solutions in their security stack, with 25% admitting that they have more than 30 point solutions…

“…However, as digitization has picked up pace and threats evolve and become more sophisticated, this approach is now having the opposite effect. Four in five companies (80%) admit that having multiple point solutions is slowing their team’s ability to detect, respond to, and recover from incidents.”

Navigating legacy systems, various IT environments, new technologies, cloud complexities, and hybrid infrastructures can be messy for manufacturers. A simple security architecture and consolidating tools are critical to an overall cybersecurity strategy.

3. The Pervasive Talent Gap

The skills gap continues to plague the manufacturing industry, including cybersecurity professionals. This shortage of experts is impeding the implementation and management of robust security programs across all sectors. The report says that 46% of companies had more than five unfilled positions during the survey.

The report recommends: “Ramp up the recruitment and upskilling of in-house talent to close cybersecurity talent gaps. Where possible, leverage the advancements in AI to augment and automate tasks while leaning on external cybersecurity expertise to help close key gaps in building and operating cybersecurity infrastructure.”

Partnering with a cybersecurity expert can ensure you have the cybersecurity tools and infrastructure to protect your business. For example, Rexel has certified cybersecurity professionals who can secure critical manufacturing infrastructure.

4. SMBs in the Crosshairs

Many manufacturers fall into the small and medium-sized business (SMB) category, which has a unique set of cybersecurity challenges. It’s common for them to operate with limited resources and expertise compared to larger enterprises. In addition, the talent gap poses real trouble for smaller businesses. The report states, “It goes without saying, unfortunately, that smaller organizations — those of up to 250 employees — tend to be less ready, with large numbers dropping into the Formative (64%) and Beginner (16%) categories…

“…With small and medium enterprises representing about 90% of businesses and more than 50% of employment worldwide, more support is needed to help them ramp up their security readiness.”

SMBs are more vulnerable. If that’s you, you must take a particularly strategic approach to cybersecurity. This is also an excellent scenario for partnering with a cybersecurity expert. The investment is well worth it compared to paying a ransom to a hacker and losing money from downtime. Rexel was recently awarded Cisco’s Small Business Specialization, which equips us to offer end-to-end small and medium-sized business solutions.

5. The Cloud Security Challenge

Cloud computing involves using remote servers hosted on the Internet to store, manage, and process data related to your manufacturing operations. This includes design and engineering data, production schedules, quality control information, supply chain logistics, etc. Hosting information on the cloud enables you to share and access this data from anywhere with an internet connection, usually through web-based applications or software-as-a-service (SaaS) platforms.

As organizations continue adopting cloud technologies, securing those environments is critically important. The report discusses the importance of understanding cloud security responsibilities and having the appropriate controls to protect sensitive data in the cloud. According to the report, only 4% of organizations consider themselves “Mature” in cloud reinforcement readiness – a significant need for improvement.

In Closing

Cisco’s 2024 Cybersecurity Readiness Index provides a valuable snapshot of the current state of cybersecurity preparedness. While progress is happening, there are still significant challenges. Rexel’s cybersecurity experts have the cybersecurity and manufacturing knowledge to help you mitigate—or recover from—a cyberattack. Learn more about our cybersecurity services here, or contact us today.

Billy Hayes attended Oklahoma State University and was employed by an OSI integration company upon graduation. In the spring of 2014, he joined Rexel as an Automation and Software Specialist in Tulsa for the Eastern Oklahoma region. Billy then moved to Denver in 2018 to take a role as the Connected Enterprise Specialist for the Colorado and Wyoming regions. After a short tenure as a Services and Solutions Consultant in early 2023, he took on the IIoT Business Development Manager position.

What is R+ IQ?

R+IQ delivers manufacturing excellence, recognizing the pivotal role of people, processes, and technology in propelling customers towards Industry 4.0 success. Committed to meeting clients at every stage of their digital transformation journey, R+IQ fosters collaborative partnerships to ensure the delivery of results essential for thriving in the intelligent factories of tomorrow.

With an unwavering focus on industrial automation challenges spanning from Industry 3.0 to 5.0, R+IQ drives the forefront of industrial evolution through digitization, big data utilization, and seamless automation integration. Achieve sustained success in the dynamic landscape of industrial automation with solutions for:

KNOWLEDGE HUB

Knowledge you can use from experts you can trust

5 Takeaways From Cisco’s 2024 Cybersecurity Readiness Index