Fundamentals of the Future
HLB Cybersecurity Report 2024
In a world increasingly shaped by digital transformation, understanding the ever-evolving landscape of cybersecurity is crucial for business leaders and decision-makers.
Emerging cyber threats call for more proactive measures within organisations to combat risks before incident. In the wake of a series of major outages throughout 2024, bolstering cybersecurity defences remains a strategic imperative for business as professionals face an increasing number of sophisticated attacks.
Focusing on the fundamentals
Since 2020, HLB International has been measuring global businesses’ cyber readiness. Our latest insights reveal that many organisations face mounting pressures from cyber-attacks, with 39% reporting an increase over the past year. Yet, despite these threats, some organisations still overlook basic security measures, leaving themselves vulnerable to breaches.
Investment in continuous employee awareness and training programmes is crucial. Organisations can significantly reduce their vulnerability by equipping staff with the knowledge to recognise and respond to potential threats.
Organisations running ongoing awareness programmes increased four percentage points from last year’s HLB Cybersecurity Report to 24%, indicating that the message for firms to adopt a more rigorous approach to cyber training is having an impact.
An impressive 76% of organisations are confident in their ability to recover from cyberattacks quickly, while 81% maintain updated incident response plans.
Managing cybersecurity risks from third-party vendors
Third-party vendors can be seen to be essential as hyper-focused experts in particular fields, yet they can pose potentially significant cybersecurity risks.
Our survey reveals that 37% of organisations experienced a breach through a third-party vendor in the past year, while concerningly a further 20% are uncertain about their vendors’ security status, emphasising the critical need for strong third-party risk management strategies.
To mitigate these risks, businesses must implement comprehensive vendor management frameworks. These frameworks should take in four key steps, including due diligence, contractual obligations, incident response plans and continuous monitoring.
Email exploitation is marked as a major cybersecurity threat by 48% of organisations, closely followed by security misconfiguration at 40% and third party exposure at 39%
The Dual Role of AI
Artificial Intelligence (AI) stands as both a formidable ally and an unpredictable adversary. For IT professionals, cybersecurity experts and business leaders alike, understanding the role of AI is crucial for future-proofing their organisations.
AI is undeniably a powerful tool in enhancing cybersecurity measures. Its ability to quickly analyse vast datasets enables organisations to detect and respond to threats with unprecedented speed and accuracy. 29% of organisations surveyed have implemented additional security and governance controls when leveraging AI. These controls are designed to safeguard data integrity and protect against breaches, significantly strengthening defence frameworks.
However, AI's prowess is a double-edged sword. The same capabilities that enhance security can also be exploited by cybercriminals, leading to AI-driven attacks that are faster and more sophisticated than traditional methods. Alarmingly, we see that 28% of organisations either currently use or plan to use AI without proper controls in place, creating vulnerabilities that can easily be exploited.