Kroll Launches Detection and Response Maturity Model and Finds 91% of Businesses Overestimate Their Cyber Maturity, Increasing Their Vulnerability to Cyberattacks

Kroll, the leading independent provider of global risk and financial advisory solutions, has released The State of Cyber Defense Report 2023: Detection and Response Maturity Model, which discovered that 91% of cybersecurity professionals believe that their cyber detection and response processes are “very mature” or “somewhat mature,” yet, in fact, only 4% have mature processes in place. The model places organisations into three different stages of their cyber detection and response maturity journey; the three categories are Novice, Explorer and Trailblazer which reflect a low, medium and high level of maturity, respectively. The model illustrates that of those surveyed, 23% of businesses are Novices, 73% are Explorers and 4% are Trailblazers.

In the last year, businesses experienced an average of five major security incidents that resulted in data compromise or financial impact. Kroll’s model identified that Trailblazer organisations experience 30% fewer security incidents. Further, 23% of Trailblazer organisations did not experience a single significant data breach in the last year. This, combined with the high cost of a data breach, demonstrates that high cyber maturity could save businesses millions of dollars a year.

When looking at the behaviour of businesses within each group, a perception problem is made evident. Indeed, 43% of those placed in the Novice group feel that their detection and response measures are very mature with no improvement required. Further, organisations in the Trailblazer group are less likely to report that they are very mature (13%) compared to Explorer or Novice organisations. This would indicate that those in the Trailblazer group have a greater awareness of what it means to be cyber mature.

Mark Nicholls, Chief Research Officer, Cyber Risk, Kroll, commented: “It’s both interesting and concerning that our findings highlight a significant gap between how businesses view their level of cyber maturity and how they approach their cybersecurity in practice.

“It’s also clear that achieving and maintaining long-term cyber resilience is more challenging than expected. Based on the fact that ‘Trailblazer organizations’ are more likely to self-assess as ‘not very’ cyber mature, it would appear that having a healthy dose of ‘cyber cynicism’ is a distinct advantage for organizations seeking to maintain their cyber resilience. Adopting a willingness to question established infosec processes and a drive to review and update tools and solutions with the support of proven security partners is key to improving maturity.

“Beyond a level of cynicism, businesses also need the right technology in place so that they can see the true scope and profile of the threats they face, including robust detection and response capabilities and an effective MDR solution. With the right tools and a healthy dose of self-awareness, organizations are on the right track towards true cyber maturity.”
