Cyber resilience tunnel vision is leaving enterprises open to external threats

Many enterprises are overlooking supply chain risks as part of their cyber resilience strategies


More than six-in-ten organizations worry their cyber resilience strategies are too internally focused.

In a new report, cloud security firm Zscaler noted that businesses are increasingly susceptible to external shockwaves from cyber incidents, supply chain attacks, and geopolitical uncertainty.

As a result, 61% admitted their cyber resilience strategies are too internally-focused.

Six-in-ten (60%) said they have faced a major failure scenario owing to a supplier or third-party vendor over the past year, with 63% anticipating something similar over the next 12 months.

An overwhelming 96% are updating their strategy in response to external factors and shoring up defenses, with 90% having increased cyber resilience investment over the past 12 months.

“Disruptions can now originate far beyond an organization’s walls. True resilience must ripple outward across dependency layers such as partners, platforms, and supply chains to absorb external shockwaves before they destabilize operations,” said Brian Marvin, SVP EMEA at Zscaler.

“By adopting a ‘Resilient by Design’ approach that extends beyond the walls of the enterprise, organizations can embed the capacity to withstand inevitable failure or breach scenarios.”

Cyber resilience practices are falling flat

Crucially, only 34% of organizations believe their current resilience measures are highly effective against supply chain volatility, and 52% said their organization’s current security systems are unable to defend against advanced threats.

While 76% of organizations have either fully implemented or are actively trialing agentic AI technologies, 69% said they lack visibility into shadow AI use, with 56% fearing sensitive data exposure.

Looking forward, more than half (57%) of organizations said they haven't factored Post-Quantum Cryptography (PQC) into their security strategy, despite 60% recognizing that today's stolen data could be at risk in three to five years.

Many are also facing agility issues, with 59% of respondents acknowledging that their organization’s IT architecture cannot keep pace with the rapid rate of business change, and many are still heavily dependent on legacy systems.

“While it makes sense that global organizations are nervous to invest in digital transformation in this geopolitical climate, it could result in laggards being behind the curve,” said James Tucker, head of EMEA CISOs in residence at Zscaler.

“Forward-thinking organizations are abandoning traditional centralized architectures and turning to distributed models with sovereignty and localization at their core to mitigate any data sovereignty concerns. These modern approaches enable granular configuration to address specific regulatory and operational requirements.”


Emma Woollacott

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.