TIDMCCS
Crossword Cybersecurity PLC
24 May 2022
Crossword Cybersecurity Plc research reveals 40 per cent of
companies believe their cyber strategy will be outdated in under
two years
A perfect storm of escalating cyber-attacks and global tech
innovation, leaves 61 per cent of Chief Information Security
Officers (CISO) only "fairly confident" of managing their current
threat exposure.
24 May 2022 - London, UK - Crossword Cybersecurity Plc (AIM:CCS,
"Crossword", the "Company" or the "Group"), the cybersecurity
solutions company focused on cyber strategy and risk, has today
released a new report based on the findings of a survey of over 200
CISOs and senior UK cyber security professionals. Called " Strategy
and collaboration: a better way forward for effective cybersecurity
" , the paper reveals companies are more concerned and exposed to
cyber threats than ever before, with almost two thirds (61 per
cent) describing themselves as at best only "fairly confident" at
managing their current cybersecurity threat exposure, which should
raise some eyebrows around the boardroom.
Respondents also feared their cyber strategy would not keep pace
with the rate of tech innovation and changes in the threat
landscape. 40 per cent believe their existing cyber strategy will
be outdated in two years, and a further 37 per cent within three
years. Additional investment is needed to address longer term
planning, with 44 per cent saying they only have sufficient
resources in their organisation to focus on the immediate and
mid-term cyber threats and tech trends.
The daily firefight
CISOs and cyber professionals report struggling to manage
today's cybersecurity risks across the board. Asked about the
day-to-day aspects of securing their businesses on a scale
including "a little, somewhat, or very challenging", the following
areas were ranked highest as at least somewhat challenging by
respondents: (total challenging figures in brackets)
-- Detecting or identifying the occurrence of a cybersecurity
event or threat - 56 per cent (85 per cent)
-- Third parties disclosing breaches in good time - 55 per cent (85 per cent)
-- Understanding and anticipating new or potential future
strategies used by threat actors - 55 per cent (84 per cent)
-- Ensuring that the entire supply chain is water-tight in its
ability to defend and recover against threat actors - 52 per cent
(83 per cent)
Juggling cybersecurity priorities
Not only do organisations feel they are chasing their next cyber
strategy, but they are struggling to deliver on the one they have
now. CISOs highlighted the following key priorities over the next
12 months:
-- The cyber skills gap within organisations is the highest
strategic priority (31 per cent). This has a been a perpetual
problem facing the IT industry and cybersecurity teams can become
quickly overwhelmed if the right expertise is not in place to
manage the load. The effects of this can be devastating, creating
risk vectors that can be exploited and may lead to human error
under pressure, or a missed threat. Rather than hunting new people,
the gap could in part be addressed by putting more resources into
training and upskilling, but this is difficult when team capacity
is already stretched.
-- The next most important priority highlighted by CISOs is the
challenge of gaining consistent and reliable 'threat intelligence'
(28 per cent), with many reporting they rely on informal
information sharing networks.
-- Securing digital identity (27 percent) was also identified as
key given the risks posed by hackers gaining credentials and
impersonating users to access data and systems.
Stuart Jubb, Group Managing Director at Crossword Cybersecurity
plc, commented: " The picture painted by our research shows CISOs
are in urgent need of a strategic rethink. CISOs need to balance
their cybersecurity operation's daily load with managing the
organisation's long-term requirements. Boards must make sure CISOs
have the budget necessary to get short-term issues under control
and then begin planning a long-term business wide strategy. Such a
strategy should be supported by a standard operating model with
robust processes and policies for the company's entire supply
chain. Every month of delay leaves businesses open to potentially
crippling cyber-attacks."
The tech trends that matter to cyber professionals
CISOs were also asked about the technology trends that they saw
as being the most important and relevant over the next 12 months.
Several technology categories stood out with cloud transition and
cyber in the cloud leading the way (41 per cent), followed by Cyber
Security Mesh Architecture ( CSMA - 35 per cent), and AI/Machine
Learning (31 per cent).
Deciding how each of these categories will fit into the
short-term cyber goals and longer term strategy of UK organisations
will take serious consideration. However, respondents did report
having a clear view on the most important technology components
they want to address in their cyber security plans in the short
term, compared to the next three or five years. Three quarters (75
per cent) said software verification, which helps to ensure a
program is secure, 69 percent said cloud transition and 69 per cent
said dealing with ransomware escalation, will be a focus
immediately or over the next 12 months. A similar number (65 per
cent) identified CSMA, a method for making cybersecurity products
interoperable, as a key technology. Other technologies of note
included:
o Zero trust and identity security (62 per cent)
o Quantum data stores / computing (55 per cent)
o AI / Machine learning (55 per cent)
Jubb concluded: "Cybersecurity today is in a more tightly
squeezed iterative cycle than it was in the past. It demands that
organisations take a more strategic and collaborative approach - we
recommend appointing a head of cyber security strategy, while
leaving the CISO to deliver on the immediate challenges. Managing
the day to day risks is a tough balancing act, but one that can be
achieved if CISOs have the right resources to upskill their teams
and tools that leverage AI to bring efficiency and automation to
help protect their organisation and its supply chain against
today's threats."
Professor Tim Watson, Programme Director, Defence &
Security, The Alan Turing Institute and Director, WMG Cyber
Security Centre, University of Warwick , commented: "Collaboration
is especially important when it comes to protecting critical
national infrastructure because it's rapidly becoming a whole new
theatre of conflict between Nation States. It's also not
particularly easy because there are so many private and public
stakeholders."
Muttukrishnan Rajarajan (Raj) , Professor of Security
Engineering and Director, Institute for Cyber Security , City,
University of London, commented: "Tackling ransomware is a huge
area of focus in the world of research, so I'm not surprised this
scored highly in the survey. We are often commissioned to work on
projects that focus just on this - an attack on one SME can cause a
complete supply chain to grind to a halt as we saw with
vulnerabilities introduced via the Log4J code libraries
recently."
- Ends -
Contacts
Crossword Cybersecurity plc - Tel: +44 (0) 333 090 2587
Email: info@crosswordcybersecurity.com
Tom Ilube, Chief Executive Officer
Mary Dowd, Chief Financial Officer
Grant Thornton (Nominated Adviser) - Tel: +44 (0) 20 7383
5100
Colin Aaronson / Jamie Barklem / Daphne Zhang / Ciara
Donnelly
Hybridan LLP (Broker) - Tel: +44 (0)203 764 2341
Claire Louise Noyce
For media enquiries contact:
Financial PR:
David Hothersall, Kinlan Communications
davidh@kinlan.net - Tel: +44 (0) 207 638 3435
General:
Duncan Gurney, GingerPR
duncan@gingerpr.co.uk - Tel: +44 (0)1932 485 300
About Crossword Cybersecurity plc
Crossword offers a range of cyber security solutions to help
companies understand and reduce cyber security risk. We do this
through a combination of people and technology, in the form of SaaS
and software products, consulting, and managed services.
Crossword's areas of emphasis are cyber security strategy and risk,
supply chain cyber, threat detection and response, and digital
identity and the aim is to build up a portfolio of cyber security
products and services with recurring revenue models in these four
areas. We work closely with UK universities and our products and
services are often powered by academic research-driven insights. In
the area of cybersecurity strategy and risk our consulting services
include cyber maturity assessments, industry certifications, and
virtual chief information security officer (vCISO) managed
services.
Crossword's end-to-end supply chain cyber standard operating
model (SCC SOM) is supported by our best-selling SaaS platform,
Rizikon Assurance, along with cost-effective cyber audits, security
testing services and complete managed services for supply chain
cyber risk management. Threat detection and response services
include our Nightingale AI-based network monitoring, Nixer to
protect against application layer DDoS attacks, our Trillion and
Arc breached credentials tracking platforms, and incident response.
Crossword's work in digital identity is based on the World Wide Web
Consortium W3C verifiable credentials standard and our current
solution, Identiproof, enables secure digital verification of
individuals to prevent fraud.
Crossword serves medium and large clients including FTSE 100,
FTSE 250 and S&P listed companies in various sectors, such as
defence, insurance, investment and retail banks, private equity,
education, technology and manufacturing and has offices in the UK,
Poland and Oman. Crossword is traded on the AIM market of the
London Stock Exchange.
Visit Crossword at https://www.crosswordcybersecurity.com/
This information is provided by Reach, the non-regulatory press
release distribution service of RNS, part of the London Stock
Exchange. Terms and conditions relating to the use and distribution
of this information may apply. For further information, please
contact rns@lseg.com or visit www.rns.com.
Reach is a non-regulatory news service. By using this service an
issuer is confirming that the information contained within this
announcement is of a non-regulatory nature. Reach announcements are
identified with an orange label and the word "Reach" in the source
column of the News Explorer pages of London Stock Exchange's
website so that they are distinguished from the RNS UK regulatory
service. Other vendors subscribing for Reach press releases may use
a different method to distinguish Reach announcements from UK
regulatory news.
RNS may use your IP address to confirm compliance with the terms
and conditions, to analyse how you engage with the information
contained in this communication, and to share such analysis on an
anonymised basis with others as part of our commercial services.
For further information about how RNS and the London Stock Exchange
use the personal data you provide us, please see our Privacy
Policy.
END
NRASEDFIDEESEFI
(END) Dow Jones Newswires
May 24, 2022 03:09 ET (07:09 GMT)
Crossword Cybersecurity (LSE:CCS)
Historical Stock Chart
From Apr 2024 to May 2024
Crossword Cybersecurity (LSE:CCS)
Historical Stock Chart
From May 2023 to May 2024