Only one percent of organisations in Hong Kong are ready to tackle modern cybersecurity risks, according to Cisco’s 2024 Cisco Cybersecurity Readiness Index.
The study revealed that only one percent of organisations in Hong Kong have a “Mature” level of readiness, with the majority of companies (88%) falling into the "Beginner or Formative" stages of readiness.
Findings
Some 82% of respondents in Hong Kong expect a cybersecurity incident in the next 12 to 24 months. Around 26% of respondents said they experienced a cybersecurity incident in the last 12 months, and 42% of those affected said it cost them at least US$300,000.
Over half (54%) of organisations deployed ten or more point solutions in their security stacks, while 13% said they have 30 or more. However, around 78% of respondents said having multiple-point solutions slowed their detection, response, and recovery from cybersecurity incidents.
With the hybrid work set-up becoming more common, companies had employees with access to company platforms from unmanaged devices (81%) spend one-fifth (20%) of their time logged onto company networks from unmanaged devices (36%), and employees hop between at least six networks over a week (25%).
Increasing cyber investments
Some 38% intend to upgrade their IT infrastructure in the next 12 to 24 months, up from 18% last year. Companies plan to upgrade existing solutions (53%), deploy new solutions (51%), and invest in AI-driven technologies (45%). Regarding the cybersecurity budget, 86% of companies expect to increase their allocation in the next 12 months, and 77% intend to increase it by 10% or more.
“Today's organisations need to prioritise investments in integrated platforms and lean into AI to operate at machine scale and finally tip the scales in the favor of defenders,” said Jeetu Patel, executive vice president, and general manager of Security and Collaboration at Cisco.
Recommendations
To tackle modern cybersecurity risks, Cisco urges companies to invest in security, adopt innovative security measures and a security platform approach, strengthen network resilience, maximise generative AI, and bridge the cybersecurity skills gap through recruitment.