Ninety percent of these organisations are improving threat defense technologies and processes after attacks by separating IT and security functions (38 percent), increasing security awareness training for employees (38 percent), and implementing risk mitigation techniques (37 percent). The report surveyed nearly 3,000 chief security officers (CSOs) and security operations leaders from 13 countries in the Security Capabilities Benchmark Study, part of the Cisco ACR.

Now in its 10th year, the global report highlights challenges and opportunities for security teams to defend against the relentless evolution of cyber crime and shifting attack modes. CSOs cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Leaders also reveal that their security departments are increasingly complex environments with 65 percent of organisations using from six to more than 50 security products, increasing the potential for security effectiveness gaps.

“In 2017, cyber is business, and business is cyber –that requires a different conversation, and very different outcomes. Relentless improvement is required and that should be measured via efficacy, cost, and well managed risk. The 2017 Annual Cybersecurity Report demonstrates, and I hope justifies, answers to our struggles on budget, personnel, innovation and architecture,”said Shukri Eid, Managing Director – East Region, Cisco Middle East.

Cyber security has changed drastically since the inaugural Cisco Annual Security Report in 2007. While technology has helped attacks become more damaging and defences become more sophisticated, the foundation of security remains as important as ever.