Cisco today published its 2021 Security Outcomes Study, offering actionable insights for practitioners deciding where to focus their efforts in the year ahead.

The double-blind, independently analyzed survey of 4,800 security, IT and privacy professionals across 25 countries pulls back the curtain on what specific practices foster greater security. The results offer security teams a blueprint for success beyond managing risk, but also enabling the business and operating efficiently.

The survey revealed that change is a primary factor in cybersecurity success.

On average, programs that include a proactive, best-of-breed tech refresh strategy are 12.7% more likely to report overall security success – the highest of any practice. Unfortunately, not all organizations have the budget or expertise to make this happen, also known as the “Security Bottom Line.” A strategy to migrate to cloud and SaaS security solutions can help close this gap. Subscription-based solutions are affordable, easy to deploy and integrate, while automatic updates ensure the technology is continually modernized without additional cost or effort.

The report also highlighted the respondent’s response whether they are following a zero trust security model, which is another crucial element of security at Cisco. According to our survey, 39% of respondents are fully embracing zero trust, while another 39% are moving towards the model.

Other key findings from the report include:

A well-integrated technology stack is the second most important factor for cyber security success. It has a positive impact on nearly every outcome evaluated, increasing the probability of overall success by an average of 10.5%. Interestingly, integrations also benefit the recruitment and retention of talent, as security teams want to work with the best technology and avoid burnout.

Integration is also the most significant factor in establishing a security culture that the entire organization embraces. Instead of traditional security training programs, which did not correlate with positive culture, invest in technology that is flexible and frictionless.

As a standalone practice, simply knowing potential cyber risks appears to correlate the least with overall success. This seems surprising, but points to the importance of a comprehensive threat intelligence and incident management program with the ability to both mitigate and remediate. In fact, practices such as timely incident response and accurate threat detection correlate much more strongly with overall security success.

Mike Hanley, Chief Information Security Officer at Cisco. “Cisco’s 2021 Security Outcomes Study helps teams prioritize practices that not only secure the business, but also play a significant role in enabling its growth and success. Even in the face of an ever-changing threat landscape and shrinking budgets, successful security outcomes are possible.”

(Image Courtesy:

Leave a Reply

Your email address will not be published. Required fields are marked *