New York – Kroll, the leading independent provider of global risk and financial advisory solutions, has released The State of Cyber Defense Report 2023: Detection and Response Maturity Model, which discovered that 91% of cybersecurity professionals believe that their cyber detection and response processes are “very mature” or “somewhat mature,” yet, in fact, only 4% have mature processes in place. The model places organizations into three different stages of their cyber detection and response maturity journey; the three categories are Novice, Explorer and Trailblazer which reflect a low, medium and high level of maturity, respectively. The model illustrates that of those surveyed, 23% of businesses are Novices, 73% are Explorers and 4% are Trailblazers.
In the last year, businesses experienced an average of five major security incidents that resulted in data compromise or financial impact. Kroll’s model identified that Trailblazer organizations experience 30% fewer security incidents. Further, 23% of Trailblazer organizations did not experience a single significant data breach in the last year. This combined with the high cost of a data breach demonstrates that high cyber maturity could save businesses millions of dollars a year.
When looking at the behavior of businesses within each group, a perception problem is made evident. Indeed, 43% of those placed in the Novice group feel that their detection and response measures are very mature with no improvement required. Further, organizations in the Trailblazer group are less likely to report that they are very mature (13%) compared to Explorer or Novice organizations. This would indicate that those in the Trailblazer group have a greater awareness of what it means to be cyber mature.
Scott Hanson, Head of Global Security Operations, Cyber Risk, Kroll, commented: “Our research findings illustrate a concerning gap between how businesses perceive their level of cyber maturity and their capabilities in practice. It’s clear that building long-term cyber resilience is more challenging than expected. While ‘Novice’ organizations often become complacent with only basic security monitoring in place, ‘Trailblazer’ organizations are more likely to self-assess as ‘not very’ cyber mature. It would appear that a healthy dose of ‘cyber cynicism’ (or simple humility) is a distinct advantage for organizations seeking to maintain their cyber resilience.
“Being willing to question established ‘bare minimum’ approaches and invest in solutions with the support of proven security partners is key. Businesses need the right technologies in place so that they can see the true scope of the threats they face, paired with robust detection and response expertise such as an experienced MDR provider. With the right tools, partnerships, and a keen sense of self-awareness, organizations are on the path towards true cyber maturity.”
Key global findings from The State of Cyber Defense 2023: Detection and Response Maturity Model include:
- The Perception Problem: 91% of cybersecurity professionals self-reported that their cybersecurity practices were “very mature” or “somewhat mature”. However, the analysis shows that only 4% of businesses have mature detection and response practices in place.
- Trailblazers Can Expect Fewer Significant Data Breaches: 23% of organizations in the Trailblazer group did not experience a single significant data breach that resulted in data loss or financial impact in the last year. This is notably higher than those in the Explorer (4%) and Novice groups (2%). Considering the cost of a data breach, there are considerable financial incentives to becoming a Trailblazer.
- Insurance is a Mature Option: Over half (51%) of Trailblazer organizations have cyber insurance, compared to 7% for organizations in the Novice group.
- Outsourcing is Key: Almost eight in 10 (79%) organizations in the Trailblazer group outsource part of their cybersecurity services. This is notably greater than those in the Explorer (52%) or Novice (34%) groups.
- Only the Basics Are Being Covered: Worryingly, a fifth of organizations (20%) only have the basics—cybersecurity monitoring—in place. Further, only 3% of organizations have all the recommended detection and response elements in their cybersecurity program. These include crisis management, threat intelligent enrichment, detection engineering and recovery capabilities.
- The Differences in Trust Between Novice and Trailblazer: Security teams generally trust employees to avoid falling victim to a cyberattack (66%) above accuracy of cybersecurity alerts and the effectiveness of tools. However, when looking at the data through the lens of cyber maturity, Trailblazers trust their employees to avoid a cyberattack the least (54%) and the effectiveness of cybersecurity tools is trusted the most (69%).
The State of Cyber Defense Report 2023: Detection and Response Maturity Model analyzed data from a survey of 1,000 senior IT security decision-makers in Q1 2023 at firms with $50 million (mn) to $10 billion (bn) in revenue. The survey was carried out by an independent specialist in market research, Vanson Bourne, and all respondents had some responsibility or knowledge of cybersecurity within their organization. Respondents were from the U.S., the UK, Ireland, Spain, Italy, Singapore, Hong Kong, Japan and Brazil.
Explore The State of Cyber Defense 2023: Detection and Response Maturity Model and see the interactive model on the Kroll website with data split by revenue, industry and region.
About Kroll
As the leading independent provider of risk and financial advisory solutions, Kroll leverages our unique insights, data and technology to help clients stay ahead of complex demands. Kroll’s team of more than 6,500 professionals worldwide continues the firm’s nearly 100-year history of trusted expertise spanning risk, governance, transactions and valuation. Our advanced solutions and intelligence provide clients the foresight they need to create an enduring competitive advantage. At Kroll, our values define who we are and how we partner with clients and communities. Learn more at Kroll.com.
For More Information Contact
Devonne Cusi
+1 212 450 8199
Devonne.Cusi@kroll.com
Savannah O’Hare
+34 711 02 32 81
Savannah.o’hare@kroll.com