According to the Cisco 2017 Annual Cybersecurity Report (ACR), more than one-third of organizations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent. Ninety percent of these organizations are improving threat defence technologies and processes after attacks by separating IT and security functions (38 percent), increasing security awareness training for employees (38 percent), and implementing risk mitigation techniques (37 percent). The report surveyed nearly 3,000 CSOs and security operations leaders from 13 countries in the Security Capabilities Benchmark Study.
The report highlights challenges and opportunities for security teams to defend against the relentless evolution of cybercrime and shifting attack modes. CSOs cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Leaders also reveal that their security departments are increasingly complex environments with 65 percent of organizations using from six to more than 50 security products, increasing the potential for security effectiveness gaps.