HCLTech’s Global Cyber Resilience Study 2024-25: Insights and Strategic Priorities for Cybersecurity

In an era where cyber threats are becoming increasingly sophisticated and pervasive, HCLTech has released its comprehensive Global Cyber Resilience Study 2024-25. This report synthesizes insights from over 1,500 security leaders across various industries in North America, Europe, and Australia/New Zealand, shedding light on the current state of cybersecurity readiness and resilience. The findings underscore the urgent need for organizations to bolster their defenses against an evolving threat landscape.

The Growing Threat of Cyberattacks

The study reveals a stark reality: 81% of security leaders anticipate a cyberattack on their organizations within the next year. This statistic highlights a pervasive sense of vulnerability among organizations, with only 48% believing they possess the capabilities to prevent such attacks. The report indicates that 54% of security leaders view AI-generated attacks as the most significant security risk, reflecting a growing concern over the potential for artificial intelligence to be weaponized by malicious actors.

Moreover, the aftermath of cyberattacks poses substantial challenges for organizations. A staggering 76% of security leaders reported facing high to moderate difficulties in fully resuming business operations post-attack. This underscores the critical importance of not only preventing attacks but also having robust recovery strategies in place.

The Call for Comprehensive Cyber Resilience

Jagadeshwar Gattu, President of Digital Foundation Services at HCLTech, emphasizes the need for a strong digital foundation to navigate the complexities of modern cybersecurity. He advocates for a strategy centered on comprehensive resilience, which includes investing in cyber resilience solutions, implementing zero-trust controls, and leveraging AI-assisted automation. Gattu asserts that organizations must streamline their security tools through a platform-based approach to effectively balance cyber risk management with cost pressures, ultimately enhancing operational efficiency.

Regional Insights: North America Leads in Cyber Incidents

The report provides a regional breakdown of cyber incidents, revealing that North America has the highest incidence of reported attacks, with 64% of surveyed security leaders indicating their organizations had been targeted. This is followed by 57% in Europe and 51% in the Australia-New Zealand region. In light of these alarming statistics, 63% of security leaders plan to increase their cybersecurity investments over the next 12 months.

The study also highlights that 84% of respondents prioritize improving compliance and risk management, with significant investments planned in areas such as SOC automation (76%) and incident response and recovery capabilities (75%). This focus on both proactive and reactive measures reflects a strategic shift towards strengthening overall cybersecurity posture.

The Skills Gap and External Sourcing

Despite the pressing need for enhanced cybersecurity measures, the study reveals a concerning skills gap within organizations. Only 35% of security leaders express confidence in their in-house expertise to manage cybersecurity risks, prompting 90% to rely on external sourcing to bolster their capabilities. This reliance on external expertise underscores the challenges organizations face in building and maintaining a robust cybersecurity workforce.

Additionally, the report highlights a communication gap at the leadership level, with only 37% of security leaders feeling effective in conveying their organization’s IT security posture to the board and C-suite. This gap points to the necessity for improved strategic communication between technical teams and executive leadership to ensure that cybersecurity is prioritized at the highest levels of decision-making.

The Role of Leadership in Cybersecurity Strategy

Amit Jain, EVP and Global Head of Cybersecurity Services at HCLTech, stresses the importance of cybersecurity as a strategic capability for businesses. He argues that Chief Information Security Officers (CISOs) and Chief Risk Officers (CROs) must act as critical bridges between the board and technology/business teams. This involves transitioning to real-time risk governance and control execution to effectively manage the rapidly changing threat landscape.

Jain further emphasizes that as cyber threats evolve daily, the successful implementation of a cyber strategy increasingly relies on automation and AI. HCLTech’s dynamic cybersecurity framework is designed to address these challenges, enhancing stakeholder relationships and improving visibility into cyber preparedness and resilience.

Conclusion: A Call to Action

The Global Cyber Resilience Study 2024-25 by HCLTech serves as a clarion call for organizations to reassess their cybersecurity strategies in light of the escalating threat landscape. With a significant majority of security leaders anticipating cyberattacks and expressing concerns over their preparedness, it is imperative for organizations to invest in comprehensive resilience strategies. By prioritizing compliance, risk management, and leveraging external expertise, organizations can better navigate the complexities of cybersecurity and safeguard their digital assets in an increasingly hostile environment.