Nearly 75 percent of surveyed organizations lack the maturity to address cybersecurity risks, according to the RSA research.
The survey by RSA, the Security Division of EMC, allowed participants to self-assess the maturity of their cybersecurity programs leveraging the NIST Cybersecurity Framework (CSF).
The research has also provided global insight into how organizations rate their overall cybersecurity maturity and practices across a variety of organizational sizes, industries and geographies.
According to the research, the area of Protection is considered as the most mature capability.
Additionally, 45 percent of the respondents said the greatest weakness of the organizations is the ability to measure, assess and mitigate cybersecurity risk.
While, 21 percent of the respondents said they are mature in this domain and can measure, assess and mitigate cybersecurity risk.
In fact, 83% of organizations surveyed with more than 10,000+ employees rated their capabilities as below developed in overall maturity.
The result indicates that large organizations’ overall experience and visibility into advanced threats dictate the need for greater maturity than their current standing.
Organizations in the Telecommunications industry reported the highest level of maturity with 50% of respondents having developed or advantaged capabilities.
Meanwhile government ranked last across industries in the survey, with only 18% of respondents ranking as developed.
The maturity of organizations in the America ranked behind both APJ and EMEA and with 39 percent of organizations in APJ ranked as developed or advantaged in overall maturity while only 26% of organizations in EMEA and 24% of organizations in the Americas rated as developed or advantaged.
“Organizations across APJ region including India showcase a great deal of maturity in their security strategies as compared to their peers in the Americas or the EMEA region,” said Kartik Shahani, regional director, RSA, India & SAARC.
Shilpa Khatri
