New research from Zscaler has highlighted a concerning trend in the cybersecurity landscape, with 60% of global companies anticipating a major incident within the next year. The study revealed that organizations may be overestimating their readiness for attacks, as there is a critical gap between the confidence of IT leaders and the actual level of protection.
A survey of 1700 specialists across 12 countries found that nearly half (49%) believe their IT infrastructure is resilient to threats, and 94% are confident in the effectiveness of their cybersecurity measures. However, the frequency of attacks, including ransomware incidents, continues to rise, resulting in significant financial losses each year.
Furthermore, 40% of organizations have not updated their cyber resilience strategy in over six months, and only 45% have adjusted their approach to address modern threats such as those related to artificial intelligence. This discrepancy between confidence levels and proactive security measures highlights the need for a more comprehensive cybersecurity approach.
Zscaler advocates for a shift towards a Resilient by Design framework, which involves preparing for possible attacks in advance rather than solely focusing on prevention efforts. Central to this approach is the implementation of a Zero Trust architecture, which aims to minimize potential vulnerabilities.
Despite a growing recognition of the importance of cyber resilience, only 39% of respondents view it as a top priority for senior management. Budget constraints also pose a challenge, with 49% of participants acknowledging that current investments in defense measures are inadequately aligned with the scale of cyber threats. Additionally, only 44% of organizations actively involve their Chief Information Security Officer (CISO) in developing resilience strategies, and just 36% have integrated cybersecurity into their overall business continuity plans.
Zscaler underscores that the question is no longer if a major cyber incident will occur, but rather when it will happen. To stay ahead of emerging threats, companies must adopt a Zero Trust approach to minimize vulnerabilities, prevent lateral movement of malicious software, and safeguard against data breaches.