
State of Cybersecurity Report 2023

STATE OF CYBERSECURITY REPORT 2023
CYBER RESILIENCE IN AN AGE OF CONTINUOUS DISRUPTION

#SOCR

Spotlight on AI: Page 8
TABLE OF CONTENTS

A NOTE FROM TONY BUFFOMANTE

EXECUTIVE SUMMARY
The Big Picture
Spotlight on AI: Risk and Compliance
Insights
    Attacks are on the rise
    The modern enterprise embraces cybersecurity
    How are enterprises investing in 2023
    Cloud-first mindset gaining momentum
    Collaboration is critical
    A look into the future
Security Trends by Geography
    Americas
    Europe
    Asia Pacific • Middle East • Africa
Security Trends by Sector
    Banking, Financial Services and Insurance
    Communications
    Consumer
    Energy, Natural Resources and Utilities
    Healthcare
    Manufacturing
    Technology

SECTION I: State of Attacks, Breaches and Laws
SECTION II: State of Cyber Capabilities
SECTION III: State of Collaboration
SECTION IV: Future of Cybersecurity

ASSOCIATED PARTNERS
ABOUT WIPRO
AUTHORS AND REFERENCES

Wipro State of Cybersecurity Report 2023 | 2


A Note from Tony Buffomante

TONY BUFFOMANTE
SVP & Global Head – Cybersecurity & Risk Services
Wipro Ltd.
@TonyBuffomante
www.linkedin.com/in/buffomante

Over the past three years, major technological, geopolitical and economic disruptions have forced
organizations to change their approach to cybersecurity threats and risk management. The pandemic
exposed the enterprise to new risks due to a sharp increase in remote work and disruptions to the supply
chain. Nation-state attacks disproportionately impacted the private sector. We’ve also seen a rapid
acceleration of advanced technologies for phishing and ransomware. Shocks to the global economy have put
pressure on cybersecurity budgets, pushing security professionals to do more with less.

Today we find ourselves in an age of continuous disruption. It’s the new normal for cybersecurity and
challenges the modern enterprise to rethink how the C-suite prepares and reacts. This report answers
four key questions:

1. What is the state of cyberattacks, breaches and regulatory laws?

2. What is the state of enterprise capabilities for addressing threats?

3. How well are enterprises collaborating with key internal and external stakeholders?

4. Which technologies are likely to impact enterprise cybersecurity in the near future?

The best response to continuous disruption is continuous innovation.

Wipro has transformed to help our clients meet these evolving challenges. We deliver on the promise of
reducing costs and gaining efficiencies through managed services — our foundational expert skillset — and
growing innovative strategic consulting services through targeted acquisitions of regional and
industry-specific strategy consulting firms.


EXECUTIVE SUMMARY


The Big Picture

We’ve entered an age of continuous disruption, and because of this, the responsibilities of the typical CISO,
and of others holding senior risk and security roles, are rapidly evolving. The 2023 State of Cybersecurity
Report (SOCR) offers a perspective and framework to help enterprises achieve cyber resilience. Our extensive
research uncovered a wealth of actionable insights within four main topic areas:

• State of Attacks, Breaches and Laws

• State of Cyber Capabilities

• State of Collaboration

• Future of Cybersecurity

Wipro’s cybersecurity outlook for 2023 and beyond


Global enterprises have been leveraging innovative technology to modernize business operations and grow at
scale. The primary driver of this effort has been cloud adoption, which provides the means to deliver almost
unlimited scalability.

We’re arguably reaching the tail end of the digital transformation journey now that a majority of businesses
have transitioned at least some workloads to the public or private cloud. As cloud footprints continue to
expand, logical boundaries are becoming fuzzy. Cloud security loopholes such as misconfigurations, blind
spots, shadow IT and lack of visibility create challenges for CXOs. A resilient cloud must strategically align
with the organization’s business objectives. This requires building a secure cloud architecture, adopting
standards and best practices for cloud security governance and using automation to enhance risk and
compliance visibility.

Security leaders have been working hard to solve these issues. But CISOs can’t afford to take a breath.
An even more disruptive technology is rolling out at a dizzying pace. The enterprise IT, security and risk
challenges surrounding Artificial Intelligence (AI) are orders of magnitude greater than those produced by
cloud adoption.

AI adoption in the business environment


Businesses are focused on efficiently growing at scale, and many organizations are rapidly adopting
generative AI tools to accelerate their growth objectives. AI is being embedded across the enterprise — in
new and existing products and software — to create improved customer experiences, more intelligent
software and broad operational efficiencies. In this early phase, companies are primarily using AI to automate
repetitive tasks and uncover relevant patterns and correlations. Our research revealed that 79% of companies
are prioritizing security orchestration and automation. But the seemingly unlimited capabilities of generative
AI and large language models are evolving so quickly that it’s all too easy to put risk management on the back
burner. Managing the risk, security and compliance of generative AI is a formidable challenge for CISOs.

The enterprise threat landscape from edge to cloud is becoming more porous. It includes millions of
distributed endpoints, poorly protected remote sites and home offices, IoT/IIoT/OT devices, shadow clouds
next to legitimate clouds, mobile devices that are never backed up by IT and scores of global partners with
greater levels of access privileges.

In this unstable environment, hacking has become a well-funded, multi-billion-dollar industry. Bad actors
have the same advanced technology tools as the businesses they target. This is fueling an increase in the
sophistication and sheer number of attacks and is cutting down the end-to-end life cycle of attacks — in
many cases, to a matter of hours. It is driving — arguably forcing — businesses to adopt AI systems to fortify
defenses and simultaneously accelerate growth.

AI, along with its machine learning (ML) component, has the potential to sharply change the cybersecurity
landscape. It can grow and learn. It can accelerate defense reactions fast enough to keep ahead of the bad
actors by recognizing attacks that don’t necessarily match previously seen patterns.

But like all tools, AI is only as good as the people using it. To avoid the kinks in the AI cybersecurity armor,
a proper deployment is truly a partnership. You need the right people to write the code, the right people to
test it and, critically, the right people to oversee the AI effort on an ongoing basis. To deploy cost-effective
AI governance, enterprises must design a risk-based AI framework that includes constant monitoring and
oversight to prevent it from creating security holes and backdoors that could allow data leakage to cyber
thieves and business competitors. To better understand the risk and compliance challenges posed by AI,
along with some best practices on how to solve them, please see the Spotlight on AI Risk and Compliance
section on page 8.

Balancing agile risk strategies with cost optimization and business priorities

These technology sea changes, coupled with global economic uncertainty, changing regulatory compliance
requirements and market dynamics, are challenging security leaders to reduce costs without increasing risks
and to optimize the performance of existing cybersecurity investments.

Cybersecurity financial management best practices are evolving to support increasing levels of operational
speed, agility, flexibility and security. However, more than two-thirds of organizations are spending less than
10% of the IT budget on security. Enterprises need to assess current cybersecurity spending against the
maturity of the organization to identify cyber cost optimization opportunities using four key strategies:

• Cybersecurity operating model: enhancing risk-based collaboration and accountability with governance
and control frameworks.

• Tools rationalization: assessing security technology investments with a market view on where expansion
or consolidation is warranted.

• Process optimization: using automation and integration to allocate available resources more effectively
and adequately fund prioritized risk and compliance processes.

• Intelligent automation: adopting generative AI and machine learning across all processes to automate
and orchestrate cyber hunting, containment, response and remediation.



The reality is security professionals must learn to do more with less. We believe, and share with our clients,
that the way to do this, leveraging the framework above, is to view security as an investment that can help win
new business, increase market share and boost revenue.

An agile operating model can quickly reallocate the security budget to ensure resources are aligned with
strategic business priorities. This includes encouraging leaders in all departments to consider cybersecurity
investments with a focus on multi-year cost optimization rather than pure cost reduction. This agility allows
an enterprise to efficiently dial its security spend up and down for more effective risk management.

Expanding cybersecurity expertise in the boardroom


One critical change enterprises are embracing is adding experienced cybersecurity talent to the board.
Security concerns, and linking these to the enterprise risk tolerance, are now on the agenda at nearly every
board meeting. Having directors with cybersecurity experience in the room enables the board to understand
security data and improve the quality of critical security briefings.

Security and risk management can no longer be considered just a cost center. They must factor into every
element of operations, including marketing, manufacturing, distribution, supply chain, web operations and
selecting global partners. Cybersecurity expertise in the boardroom ensures that a company makes strategic
decisions that align with long-term business objectives.

Simulating attacks and responses to improve cyber resilience


Other aspects that a modern cybersecurity strategy must address are the impacts — direct and indirect —
attacks have on the business. For example, the steady drumbeat of breach notifications could desensitize
some customers and partners to the significant risks of working with a breached company. But if a breach,
whether via ransomware or a DDoS attack, causes the company’s website to go down for an extended period,
that could result in a significant revenue impact.

Our report found that many CIOs lack confidence in the ability of their enterprises to recover quickly from an
attack. The term “quickly” means different things to different CIOs, but the fact is that many of them do not
have a good grasp of what will happen after an attack.

One way to improve the understanding of and response to attacks is to run regular cyberattack simulation
exercises. Simulations can train employees to respond effectively in different scenarios to minimize damages
and help the organization discover blind spots in their systems that threat actors may use as breach access
points. It’s encouraging to note that just 4% of survey respondents had not conducted any sort of incident
response exercise in the past two years. However, among the organizations that have conducted simulation
exercises, only 27% led board members in the process. While no business can perfectly protect itself from
every attack, every business can map out what is likely to happen, communication protocols, and how it can
quickly recover.

In addition to testing operational crisis readiness based on predefined scenarios, organizations are starting
to continuously test their defenses through automated penetration testing. Automated attack simulations
use the same AI tools and processes employed by bad actors in an effort to continuously reduce the attack
surface without waiting for the next planned simulation exercise.

Spotlight on AI: Risk and Compliance

As Artificial Intelligence (AI) and machine learning (ML) transition from the early adoption phase to the
mainstream, the supporting technology will become more powerful, take on more roles and disrupt the risk
and compliance landscape of virtually every organization.

Enterprises are exploring how AI can help implement greater operational efficiencies by automating simple,
repetitive tasks and enhancing complex communications.

But the challenges are evolving and growing in complexity at an alarming rate. Key challenges include:

• Disruption — Millions of jobs may be eliminated by generative AI unless intended use guidelines and
policies are established and enforced

• Data protection and privacy — AI running across organizations to grow the business has little oversight
on the potential exposure of personal data and the overall impacts on privacy and consumer protection

• Legal and compliance — The US and the EU are introducing AI-related laws and regulations and
designing blueprints for an AI Bill of Rights, including how the incorrect or unethical use of AI can subject
organizations to compliance penalties

• Reputational risk — While AI is a growth driver, poor implementation and usage inexperience can lead to
consumer dissatisfaction and reputational brand damage

• Cybersecurity — Hackers can use AI to increase the volume and sophistication of attacks and steal
confidential data sets and AI models to sell on the dark web.

Because there are so many unknowns surrounding the risks of AI, there is a tendency to simply say, “You can’t
use it until we fix it.”

AI risk management framework


Organizations need to establish a framework incorporating rules and controls around how the technology will
be adopted. This includes defining the types of prompts that can and cannot be fed into AI models and how to
leverage what comes out.

Wipro utilizes the NIST AI RMF Core in conjunction with the OECD Framework to classify and provide
outcomes and actions that enable dialogue, understanding and activities to manage AI risks and responsibly
develop trustworthy AI systems. Trustworthy AI is safe, secure, resilient, explainable and interpretable,
privacy-enhanced, fair, valid, reliable, accountable and transparent.



The NIST AI RMF Core is composed of four functions:

• Govern — A culture of risk management is cultivated and present

• Map — Context is recognized and related risks are identified

• Measure — Identified risks are assessed, analyzed or tracked

• Manage — Risks are prioritized and acted on based on project impact

AI/ML risk governance action steps


There is no one answer to the question of how to approach AI/ML governance with cybersecurity and privacy
in mind. Following are seven recommended actions organizations can take to become more digitally resilient
with their AI-enabled technologies.

• Define intended use and user guidelines

• Clarify code ownership

• Establish intellectual property rights

• Address security policies and confidentiality measures

• Focus on identity security

• Revamp security offerings

• Ensure compliance with legal and regulatory requirements

These rules of engagement help security leaders to have informed conversations with stakeholders that
have a vested interest in using AI systems. Once a governance process is established, classification of the
systems can be put in place and risks may be documented. Only then can the organization build cybersecurity
controls and protection mechanisms directly into the AI system and data model and provide a foundational
infrastructure. It is a multi-step journey in the wake of an ever-expanding attack surface introduced by AI
systems.



INSIGHTS



SECURITY TRENDS
GEOGRAPHY & SECTOR

Security Trends by Geography

We analyzed responses from the State of Cybersecurity Report 2023 research across three geographical
clusters:

GEOGRAPHIES:
Americas, Europe, APMEA (Asia Pacific, Middle East and Africa)

Responses were further analyzed to produce 10 critical trends:

• Cadence of cyber risk reporting

• Board’s cyber expertise

• CISO reporting

• Top cyber risks

• Confidence in cyber controls

• Recent data breach

• Third-party security breach

• Downtime due to ransomware attacks

• Percentage of annual IT budget allocated for security

• Investment priorities

Figure 1: Response Distribution by Geography



AMERICAS

Cyber Risk Reporting to the Board
40% of the organizations report quarterly and 27% report monthly

Recent Data Breaches
46% of the organizations have experienced at least one breach in the last 3 years

Board’s Cyber Expertise
85% of the boards have established some form of cybersecurity oversight*

3rd Party Security Breaches
34% said their 3rd party suppliers reported a security breach last year

CISO Reporting
55% CISOs report to CIO and 25% report to CEO

Downtime Due to Ransomware Attacks
33% of organizations that experienced ransomware attack in the last 3 years, faced a downtime of 11 to 30 days

Top 2 Cyber Risks
• 87% view ransomware attacks as their top risk
• 82% view email phishing as their top risk

Security Budget
27% of organizations allocate more than 12% of their IT budget for security

Confidence in Cyber Control
37% are highly confident about protecting their systems from an attack, however only 11% are confident in
recovering quickly from a cyberattack

Investment Priorities
• 84% picked Security Orchestration and Automation as a continued investment priority
• 75% picked both Zero Trust Networks & Third-Party Risk/Supply Chain Security as their top priority

*Through independent cyber advisors or designated board members or a defined cyber risk committee


EUROPE

Cyber Risk Reporting to the Board
37% of the organizations report quarterly and 28% report monthly

Investment Priorities
• 73% picked Security Orchestration and Automation as their top priority
• 72% picked Zero Trust Networks as their top priority

Board’s Cyber Expertise
85% of the boards have established some form of cybersecurity oversight*

Security Budget
13% of organizations allocate more than 12% of their IT budget for security

CISO Reporting
51% CISOs report to the CIO and 24% report to the CEO

Downtime Due to Ransomware Attacks
28% of organizations that experienced a ransomware attack in the last 3 years, faced a downtime of 11 to 30 days

Top 2 Cyber Risks
• 78% view email phishing as their top risk
• 72% view ransomware attacks as their top risk

3rd Party Security Breaches
36% said their 3rd party suppliers reported a security breach last year

Confidence in Cyber Control
23% are highly confident about protecting their systems from an attack, however only 8% are confident in
recovering quickly from a cyberattack

Recent Data Breaches
56% of the organizations have experienced at least one breach in the last 3 years

*Through independent cyber advisors or designated board members or a defined cyber risk committee


ASIA PACIFIC • MIDDLE EAST • AFRICA

Cyber Risk Reporting to the Board
54% of the organizations report quarterly and 24% report monthly

Recent Data Breaches
59% of the organizations have experienced at least one breach in the last 3 years

Board’s Cyber Expertise
97% of the boards have established some form of cybersecurity oversight*

3rd Party Security Breaches
37% said their 3rd party suppliers reported a security breach last year

CISO Reporting
58% CISOs report to the CIO and 25% report to the CEO

Downtime Due to Ransomware Attacks
44% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

Top 2 Cyber Risks
• 83% view email phishing as their top risk
• 68% view ransomware attacks as their top risk

Security Budget
14% of organizations allocate more than 12% of their IT budget for security

Confidence in Cyber Control
36% are highly confident about protecting their systems from an attack, however only 5% are confident in
recovering quickly from a cyberattack

Investment Priorities
• 75% picked Security Orchestration and Automation as their top priority
• 64% picked DevSecOps as their top priority

*Through independent cyber advisors or designated board members or a defined cyber risk committee

Security Trends by Sector

We analyzed responses from the State of Cybersecurity Report 2023 research across seven industry sectors:

SECTORS:
BFSI: Banking, Financial Services, Insurance
Communications: Telecommunications
Consumer: Consumer Goods, Retail, Distribution, Travel & Hospitality, Transportation, Media, Education,
Public services
ENU: Energy, Natural Resources, Utilities
Healthcare: Life Sciences, Medical Devices
Manufacturing: Industrial Process Manufacturing, Automobile
Technology: Tech Products and Platforms, Semiconductors, Network Equipment Providers

These sector-specific responses were further analyzed to produce 10 critical trends:

• Cadence of cyber risk reporting

• Board cyber expertise

• CISO reporting

• Top cyber risks

• Confidence in cyber controls

• Recent data breach

• Third-party security breach

• Downtime due to ransomware attacks

• Percentage of annual IT budget allocated for security

• Investment priorities

Figure 2: Response Distribution by Sector


BANKING, FINANCIAL SERVICES AND INSURANCE

Cyber Risk Reporting to the Board
54% of the organizations report monthly and 40% report quarterly

Investment Priorities
• 71% said Security Orchestration and Automation continued to be their top priority
• 59% said Third-Party Risk and DevSecOps is their top priority

Board’s Cyber Expertise
95% of the boards have established some form of cybersecurity oversight*

Security Budget
43% of organizations allocate more than 12% of their IT budget for security

CISO Reporting
52% CISOs report to the CIO and 19% report to the CRO

Downtime Due to Ransomware Attacks
28% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

Top 2 Cyber Risks
• 79% view email phishing as their top risk
• 76% view ransomware attacks as their top risk

3rd Party Security Breaches
47% said their 3rd party suppliers reported a security breach last year

Confidence in Cyber Control
54% are highly confident about protecting their systems from an attack, however only 10% are highly
confident in recovering quickly from a cyberattack

Recent Data Breaches
59% of the organizations have experienced at least one breach in the last 3 years

*Through independent cyber advisors or designated board members or a defined cyber risk committee


COMMUNICATIONS

Cyber Risk Reporting to the Board
57% of the organizations report quarterly and 30% report monthly

Recent Data Breaches
62% of the organizations have experienced at least one breach in the last 3 years

Board’s Cyber Expertise
97% of the boards have established some form of cybersecurity oversight*

3rd Party Security Breaches
46% said their 3rd party suppliers reported a security breach last year

CISO Reporting
62% CISOs report to the CIO and 21% report to the CEO

Downtime Due to Ransomware Attacks
52% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

Top 2 Cyber Risks
• 84% view email phishing as their top risk
• 84% view ransomware attacks as their top risk

Security Budget
43% of organizations allocate more than 12% of their IT budget for security

Confidence in Cyber Control
62% are highly confident about protecting their systems from an attack, however only 16% are highly
confident in recovering quickly from a cyberattack

Investment Priorities
• 81% said Security Orchestration and Automation is their top priority
• 81% said Zero Trust Networks is their top priority

*Through independent cyber advisors or designated board members or a defined cyber risk committee


CONSUMER

Cyber Risk Reporting to the Board
36% of the organizations report quarterly and 28% report semi-annually

Investment Priorities
• 78% chose Security Orchestration and Automation as their top priority
• 78% said Zero Trust Networks is their top priority

Board’s Cyber Expertise
68% of the boards have established some form of cybersecurity oversight*

Security Budget
10% of organizations allocate more than 8% of their IT budget for security

CISO Reporting
50% CISOs report to the CIO and 26% report to the CEO

Downtime Due to Ransomware Attacks
19% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

Top 2 Cyber Risks
• 82% view email phishing as their top risk
• 78% view ransomware attacks as their top risk

3rd Party Security Breaches
35% said their 3rd party suppliers reported a security breach last year

Confidence in Cyber Control
Only 14% are highly confident about protecting their systems from an attack, however 70% are not confident
in recovering quickly from a cyberattack

Recent Data Breaches
55% of the organizations have experienced at least one breach in the last 3 years

*Through independent cyber advisors or designated board members or a defined cyber risk committee


ENERGY, NATURAL RESOURCES AND UTILITIES

Cyber Risk Reporting to the Board
34% of the organizations report quarterly and 28% report semi-annually

Recent Data Breaches
34% of the organizations have experienced at least one breach in the last 3 years

Board’s Cyber Expertise
87% of the boards have established some form of cybersecurity oversight*

3rd Party Security Breaches
20% said their 3rd party suppliers reported a security breach last year

CISO Reporting
58% CISOs report to the CIO and 32% report to the CEO

Downtime Due to Ransomware Attacks
31% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

Top 2 Cyber Risks
• 82% view email phishing as their top risk
• 74% view ransomware attacks as their top risk

Security Budget
30% of organizations allocate around 6% or more of their IT budget for security

Confidence in Cyber Control
Only 6% are highly confident about protecting their systems from an attack however confidence in quick
recovery from a cyberattack is very low across all respondents

Investment Priorities
• 78% said Security Orchestration and Automation continued to be their top priority
• 72% said Zero Trust Networks Security is their top priority

*Through independent cyber advisors or designated board members or a defined cyber risk committee


HEALTHCARE

Cyber Risk Reporting to the Board
51% of the organizations report quarterly and 23% report semi-annually

Investment Priorities
78% said Security Orchestration and Automation continued to be their top priority
71% said Zero Trust Networks Security is their top priority

Board’s Cyber Expertise
94.5% of the boards have established some form of cybersecurity oversight*

Security Budget
28% of organizations allocate more than 8% of their IT budget for security

CISO Reporting
55% CISOs report to the CIO and 25% report to the CEO

Downtime Due to Ransomware Attacks
40% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

Top 2 Cyber Risks
84% view email phishing as their top risk
75% view ransomware attacks as their top risk

3rd Party Security Breaches
38% said their 3rd party suppliers reported a security breach last year

Confidence in Cyber Control
20% are highly confident about protecting their systems from an attack, however only 11% are highly confident in recovering quickly from a cyberattack

Recent Data Breaches
62% of the organizations have experienced at least one breach in the last 3 years

*Through independent cyber advisors or designated board members or a defined cyber risk committee



MANUFACTURING

Cyber Risk Reporting to the Board
36% of the organizations report quarterly and 26% report annually

Recent Data Breaches
38% of the organizations have experienced at least one breach in the last 3 years

Board’s Cyber Expertise
69% of the boards have established some form of cybersecurity oversight*

3rd Party Security Breaches
26% said their 3rd party suppliers reported a security breach last year

Downtime Due to Ransomware Attacks
31% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

CISO Reporting
45% CISOs report to the CIO and 29% report to the CEO

Top 2 Cyber Risks
81% view ransomware attacks as their top risk
74% view email phishing as their top risk

Security Budget
17% of organizations allocate more than 8% of their IT budget for security

Confidence in Cyber Control
17% are highly confident about protecting their systems from an attack, however only 7% are confident in recovering quickly from a cyberattack

Investment Priorities
76% said Security Orchestration and Automation is their top priority
71% said Third-Party Risk/Supply Chain Security is their top priority

*Through independent cyber advisors or designated board members or a defined cyber risk committee



TECHNOLOGY

Cyber Risk Reporting to the Board
54% of the organizations report monthly and 38% report quarterly

Investment Priorities
90% picked Security Orchestration and Automation as their top priority
81% picked Zero Trust Networks as their top priority

Board’s Cyber Expertise
96% of the boards have established some form of cybersecurity oversight*

Security Budget
52% of organizations allocate more than 12% of their IT budget for security

CISO Reporting
59% CISOs report to the CIO and 27% report to the CEO

Downtime Due to Ransomware Attacks
36% of organizations that experienced a ransomware attack in the last three years faced downtime of 11 to 30 days

Top 2 Cyber Risks
90% view ransomware attacks as their top risk
83% view email phishing as their top risk

3rd Party Security Breaches
31% said their 3rd party suppliers reported a security breach last year

Confidence in Cyber Control
56% are highly confident about protecting their systems from an attack, however only 21% are highly confident in recovering quickly from a cyberattack

Recent Data Breaches
48% of the organizations have experienced at least one breach in the last 3 years

*Through independent cyber advisors or designated board members or a defined cyber risk committee



SECTION I

STATE OF ATTACKS, BREACHES & LAWS



We identified six top cyber challenges that organizations face today:

• Nation-state cyber warfare
• Global non-state cyber risks
• Breaches – the data and the targets
• Time to recover
• Repeat breaches
• Cybersecurity regulatory change

GLOBAL INSIGHT
82% of all nation state attacks focused on espionage
39% of nation-state attacks targeted the private sector

Nation-State Cyber Warfare
From 2018 to 2022, 39% of nation-state attacks have targeted the private sector, exposing organizations to all manner of threats, including espionage, digital lockdowns and damage to critical infrastructure. It is not the first time in recent history that cyberspace has served as a “second battlefield.” But it’s becoming an increasingly frequent phenomenon.

To provide a macro view of the situation, we carried out a secondary data analysis on 1,100+ nation-state attacks tracked by the Council on Foreign Relations from 2018 to 2022. We analyzed the intent of the attacks, which countries were behind the attacks, and which countries were targeted.



Figure 3: Nation State Attack Analysis

Figure 4: Nation State Attack Type Distribution



Figure 5: Nation State Attack Trends by Target Category

A quick summary of the data:

• The vast majority (82%) of attacks were espionage-related.
• The main aggressors are China, Iran, North Korea, and Russia.
• Many countries were victims, but the US was the biggest target, followed by countries that border Russia.

That the US was the top target country should be of concern to businesses that operate there. At the same time, it is worth noting that the most aggressive nation-states have hostile relations with the US. Businesses in the crossfire of hostilities should be mindful of the geopolitical implications of nation-state attacks.



Global Non-State Cyber Risks
Organizations are facing more exposure to technologically sophisticated attacks from non-state actors. The
top three threats are email phishing (81%), ransomware (79%) and third-party risks (68%).

Figure 6: Trends in Top Cyber Risks

Email phishing and ransomware are top threats

With the expansion of email phishing templates available to a growing population of threat actors, phishing attacks flourished throughout the pandemic. We are seeing more targeted attacks on IT administrators, R&D, and senior executives using social platforms to gather specific insights.

In addition to the rise of nation-state attacks, organizations are facing increasing exposure to sophisticated attacks from non-state actors. The top three threats in this year’s report are email phishing (81%), ransomware attacks (79%), and third-party risks (68%). A few notes on our findings:



81% Phishing—brace for generative AI-enabled “deep phishing”

With the expansion of email phishing templates available to a growing population of threat actors, phishing
attacks flourished throughout the pandemic. Now we are seeing more targeted attacks on IT administrators,
R&D and senior executives who use social platforms. The growing use of outsourced SaaS IT for HR services
with new corporate domains has also created additional phishing exposures. Omni-channel “deep phishing”
attacks leveraging generative AI will make the detection of fakes even more challenging. Additional AI insights
can be found in section 4—The Future of Cybersecurity.

79% Ransomware—extortion tactics evolve to intimidate executives

Ransomware threat actors have changed their modus operandi from digital lockdowns to multivariate extortion tactics. In addition to locking down systems through encryption, extortion tactics now include threatening senior executives with the release of their stolen data on the dark web.

68% Third-party risks—leverage of generative AI on the rise

Global supply chains have linked various third parties – outsourcing partners, distributors, suppliers, captives and affiliates — with varying degrees of cybersecurity hygiene and maturity. This has increased the number of cyberattacks through third parties.

Operational Technology (OT) risks – visible increase in attacks on plants

Recently reported intrusions into pipeline systems, water treatment plants, electrical grids and industrial plants have heightened the concern about risks to OT environments. An example of this threat is in Ukraine, where there have been attacks on electrical and nuclear plants. Other OT-related attacks include those on an oil plant in Italy, a power plant in India and public PLC systems of water plants across the globe. While the growth in digital industrial operations allows for seamless data exchange, the lack of visibility into real-time threats and changes within legacy OT environments has increased cyber risk.

Offensive generative AI risks

Advancements in generative AI will turbocharge all manner of attacks. While generative AI has enormous potential to be applied defensively in security management, its use for offensive purposes will be propelled by the ubiquity of the technology. Use cases for generative AI in offensive cyberattacks include:

• Generative-AI enabled social engineering
• GAN-forcing password attacks by way of brute-force
• Malware code engineering
• Exploit development leveraging generative AI
• Synthetic data generation for data poisoning attacks



Breaches – the Data and the Targets

GLOBAL INSIGHT
38% of all data breaches involved advanced PII records, which is a 13% increase compared to 2020

The three sectors that experienced the most breaches were technology (35%), consumer (29%) and health care (17%).

Attackers have many different motivations and goals, but not all breaches and data are created equal. Nation-states may desire military secrets. Business competitors or terrorists may focus on sabotaging operations. Some attacks may be personal and motivated by profit, often targeting PII – personal identifiable information. There are different types of PII with distinct levels of economic value. To dig deeper into the kind of PII data threat actors seek, we researched the top 85 publicly-reported major data breaches of 2021 and 2022 and classified them into seven broad categories:

• Basic PII (name, contact number, email address, physical address)

• Basic PII + user credentials (encrypted/unencrypted credentials)

• Basic PII + IP address

• Basic PII + user credentials + IP address

• Advanced PII (Basic PII, gender, date of birth, identification numbers, driving license numbers)

• Advanced PII + user credentials + IP Address

• Advanced PII + financials (tax information, payment card information, bank account statements)

Figure 7: Classification of Compromised Data Across Top Breaches Worldwide

As shown in Figure 7, 38% of all data breaches included advanced PII, a sharp increase from 25% in 2020.
Breaches involving advanced PII + financials increased slightly to 20% in 2022 from 17% in 2020. Breaches
involving basic PII almost tripled from 8% in 2020 to 20% in 2022.



Figure 8: Distribution of Top Breaches Across Industry Sectors

As for which industries are the most targeted, technology, consumer, and health sectors were the hardest hit with 35%, 29%, and 17% of all attacks, respectively. This stands to reason because attackers are motivated by profit and these three sectors contain perhaps the richest trove of advanced PII data and are therefore the most lucrative. Again, attackers are motivated by profit. To understand an industry’s exposure to threats, all one needs to do is follow the money.

The most targeted industry sectors were:
35% Technology
29% Consumer
17% Health



Time to Recover
Beyond the loss of sensitive data, breaches and ransomware attacks also expose enterprises to disruption of systems and business operations. Organizations have begun to evolve their ransomware recovery strategies around a minimum viable business service capability with reliable immutability and retention locking. These organizations are looking at frameworks such as Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) to improve recovery time for breaches resulting from phishing and ransomware.

GLOBAL INSIGHT
65% of the organizations took 6 days or more to recover from ransomware attacks

Figure 9: Downtime Due to Ransomware Attack



Repeat Breaches
Almost one-third (29%) of all breached organizations (51% of surveyed organizations) experienced a repeat incursion within three years of the first breach. However, in many instances, the second breach did not directly correlate with the previous one. In some cases, it’s the work of a new threat actor, spurred into action after learning about the original breach. This illustrates one unfortunate effect of breach publicity and the way it continues to bring harm to the enterprise. In addition, many breaches go undetected for extended periods, and some are never discovered. This means organizational visibility into repeat breaches often may be obscured.

GLOBAL INSIGHT
29% of breached organizations experienced repeated incursions within 3 years

Figure 10: Recent Data Breach
Not Breached: 49%; Breached: 51% (Single Breach: 71%; Multiple Breaches: 29%)



Cybersecurity Regulations
The pace of modernizing data protection laws is growing in both depth and scope. To understand the effectiveness of these regulations, we studied the data privacy laws of 23 countries (Australia, Brazil, Canada, China, Dubai, Finland, France, Germany, India, Ireland, Italy, Japan, Mexico, Norway, Poland, Russia, South Africa, Singapore, Spain, Sweden, Switzerland, UK and the U.S.) based on breach notification and cross-border data transfer clauses.

Figure 11 lists the parameters used to evaluate these clauses. For each country, a score was assigned to each parameter based on a subjective analysis of the stringency of their regulations. A weighted average helped us develop a country-specific score for data breach notifications and restrictions on overseas data transfers. We have plotted two heatmaps using these scores for breach notification (Figure 12) and overseas data transfer (Figure 13). Out of the 23 countries analyzed, 16 countries (70%) demonstrated greater stringency in breach notification laws, while 17 countries (74%) demonstrated stringency in international data transfers. The upshot? The exposure stemming from regulatory risk is becoming even more vast and complex.

Figure 11: Analyzed parameters related to breach notification and data-transfer

Focus Area of Analysis: Data breach notification requirements
Parameters:
• Mandatory notification to authorities
• Breach categorization
• Mandatory notification to affected parties
• Financial penalty if notifications are not made

Focus Area of Analysis: Overseas data transfer restrictions
Parameters:
• Consent of data subjects
• Whether outside jurisdiction provides adequate protection
• Binding corporate rules (BCRs)
• Standard contractual clauses (SCCs)
• Permission of data protection authority



Figure 12: Heat map of country-specific regulations relating to breach notifications (scale: Stringent to Lenient)

Figure 13: Heat map of country-specific regulations relating to international data transfers (scale: Stringent to Lenient)

GLOBAL INSIGHT
70% of analyzed countries have instigated more resilient breach notification clauses
74% of analyzed countries have instigated more resilient clauses on overseas data transfers

REGIONAL INSIGHT
Argentina, India, Canada and the USA are a few countries that have proposed changes to their data protection regulations through tabled bills



FEW RECENTLY PASSED / PROPOSED REGULATORY CHANGES:

Argentina’s Proposed New Personal Data Protection Law


A new bill, DPA Resolution 119/2022, has been introduced for public consultation to replace old
legislation and is modeled on the provisions of GDPR.

India introduces Digital Personal Data Protection Bill scrapping the old Personal Data Protection Bill
After public consultation, the revised data protection bill will undergo revisions before it is tabled in
Parliament. The bill aims to balance the rights of individual privacy and lawful processing.

Canada introduces C-27, The Digital Charter Implementation Act


The omnibus bill is intended to strengthen existing privacy regimes and covers the development of
responsible AI.

Indonesia’s House of Representatives passed the Personal Data Protection Bill


The law established the rights of citizens and processing responsibilities like other data protection
legislation. The law differs from other counterparts in extraterritorial scope and application.

America introduced a landmark federal regulation – the American Data Privacy and Protection Act
If passed, the bill aims to enable foundational privacy rights and bring meaningful enforcement.
Conflicts with existing state laws remain to be resolved.

US State Privacy Legislation


California: California Consumer Privacy Act (effective 1 Jan 2020), CPRA (effective 1 Jan 2023)

Colorado: Colorado Privacy Act (effective 1 July 2023)

Connecticut: Connecticut Personal Data Privacy and Online Monitoring Act (effective 1 July 2023)

Utah: Utah Consumer Privacy Act (effective 31 Dec. 2023)

Virginia: Virginia Consumer Data Protection Act (effective 1 Jan. 2023)

China’s Personal Information Protection Law (PIPL)


Since the last SOCR, China passed the Personal Information Protection Law (PIPL). Though other data
security laws were in force prior to PIPL – namely the Data Security Law (DSL) and Cybersecurity Law
(CSL) – PIPL is China’s first comprehensive law designed to regulate and protect personal information.
With the rollout of DSL and PIPL, China’s laws on data security and personal information have aligned
much more closely with international benchmarks. Many of PIPL’s elements strongly resemble GDPR.
But if you have already adopted GDPR rules, you still need to analyze the gap between GDPR and PIPL
requirements. Still, adjusting to the PIPL shouldn’t be too challenging.



SECTION II

STATE OF CYBER CAPABILITIES



This section explores the evolving trends in enterprise security governance and the management of risks
through cyber capabilities in areas including the board’s role, organizational design and budgeting during
austerity and technical practices for the future. Damage to the brand in the aftermath of an attack continues
to be a focus of attention within the C-suite. Despite austerity headwinds, security budgets have experienced a
relative increase within the overall IT budget. Investments in emerging areas include assessing and mitigating
risks related to generative AI. Heavy fines relating to disputes emanating from privacy regimes have plagued the
industry and are driving more focus on privacy by design. We also look at the historical organizational design for
security and its positioning for the future.

Board Alignment for Cyber Governance


To allay investor concerns about the survivability of their investments, enterprise boards are focusing more
on their fiduciary responsibilities directly related to cybersecurity and regulatory compliance. One way boards
can achieve this is to place greater emphasis on seating directors with cybersecurity expertise. This expertise
will help boards address cybersecurity decisions in a much more sophisticated and nuanced fashion. For
example, a discussion of enterprise risk tolerance may sound very different if some board members have
extensive security experience. This will bring more rigor within enterprises on how strategies are set and
executed and how expectations and outcomes get communicated.

Governments are forcing businesses to prioritize cybersecurity risk governance, mitigation strategies, and
incident reporting and response, with the help of local regulators, CERTs, and quasi-government agencies.
Regulatory changes have helped to evolve the fiduciary responsibility of boards to ensure that appropriate
risk management strategies are in place. In the U.S., the SEC is routinely creating new regulations, such as the
proposed SEC Release No. 33-11038, which will eventually compel organizations to declare the cybersecurity
expertise of board directors.



Figure 14: Board alignment to oversee cyber risks

Some 87% of organizations surveyed have a mechanism for cybersecurity board oversight. Currently, 38%
of organizations surveyed have an independent board-appointed advisor. Only 32% have a designated board
member with cyber risk experience and just 17% of boards have formed a cybersecurity subcommittee. As
new regulations encourage boards to instigate more cyber risk governance accountability, we expect the
percentage of boards with a designated board expert and/or the percentage of boards with a designated
subcommittee to grow in the coming years. Well-sourced and coordinated board expertise will make business
alignment, budgeting and communications more effective — both internally across the enterprise and
externally with regulators.

The percentage of boards with a designated cybersecurity expert, and the percentage
of boards with a designated cyber subcommittee will continue to grow.

Cybersecurity Oversight by Boards


Our research also revealed how frequently enterprise management reports cyber risk to their boards. It is
important to note that all the organizations surveyed have a board reporting mechanism in place but the
reporting happens at varying intervals. As shown in Figure 15, 68% of executive teams report quarterly or
monthly, 17% of organizations report every six months and 10% report annually. As the reporting frequency
increases, the systems and processes that contribute to the quality of the reporting will need significant
enhancement to ensure that what’s being reported is relevant and succinct enough for board digestion.

*The statistics presented here are obtained by region-wise slicing of survey data



The SOCR primary research indicates that 87% of the organizations have some mechanism for cybersecurity oversight through the board. The break-up of the 87% not only gives an indication of the status quo but also suggests a possible evolutionary path on how those numbers might look a few years from now. Currently 38% of organizations surveyed have an independent advisor appointed by the board to oversee cyber risks. Only 32% have a designated board member with cyber risk experience and the number falls to 17% for boards that have constituted a sub-committee on cybersecurity. It can be reasonably concluded that the last two figures will continue to grow at the expense of the former as new regulations force boards to take more accountability for cyber risk governance. This is good news for the security and risk leadership within enterprises, as tasks to communicate and secure alignment on strategies and budgets to support those efforts will become easier when boards have the right level of expertise.

The percentage of boards with a designated member having cybersecurity expertise or boards with a sub-committee on cybersecurity is expected to grow quickly in the coming years.

As the frequency of cyber risk reporting to Boards increases, the systems and processes that bring timely and quality insight will need significant enhancement.

Figure 15: Cadence of Cyber Risk Reporting to the Board of Directors

Cyber Risk Reporting to Boards

In the previous section, we saw how changing regulations on cyber disclosures will bring more attention within the board on cybersecurity with the right kind of experience to monitor the risks.

The frequency that a board receives cyber risk reports is also an important consideration. About 41% of surveyed organizations report cyber risk to the board every quarter, 27% report every month, 17% report semi-annually and 10% report cyber risks annually. Just 5% of organizations report cyber risk on an ad hoc basis. The most important point to note here is that all the organizations surveyed have a reporting mechanism present at different intervals during each year.

GLOBAL INSIGHT
41% of the organizations report cyber risk to executive management every quarter

VERTICAL INSIGHT
57% of surveyed organizations in Communications sector report cyber risk to executive management every quarter



CISO Reporting Should Align for Board Oversight
For the last decade and a half, CISOs have been largely reporting to CIOs, and this model has worked
reasonably well as a fit-for-purpose approach. Infrastructure, applications, and more recently cloud
ecosystems have progressively been built and managed by the IT organization. In this model, security usually
gets bolted on, and while that is not the most effective approach, it’s had its benefits. But for this model to
work cohesively, the security structure has to be organized for the most part under the CIO.

The primary research explored the CISO reporting point: about 54% of the organizations highlighted that it
was under the CIO. Interestingly, about 25% of organizations also had direct reporting to the CEO or indirect
supervisory review cadences. About 20% of the reporting was spread across other C-level reporting such as
the COO, CRO, CFO and CLO.

Figure 16: CISO Reporting

Looking at the scale of change within organizations, taking cybersecurity out of the IT organization to a business aligned structure will drive multiple benefits.

As modern enterprises continue their digital transformation journeys, organizational design strategies to manage cyber risk will undergo major revisions. Both the health of the business and the safety of its people are at stake. We’ve noted the importance of adding cyber expertise to the board. Properly positioning risk management responsibilities below the board level is also important. IT may not be the best fit for governing risk mitigation strategies when they are already under pressure to deliver cutting-edge technology and keep up with IT market demands. Moving cybersecurity into a business-aligned management structure will drive multiple benefits, including better board accountability, the ability to spread risk-mitigating behavior across the organization, and the opportunity to advocate for necessary cybersecurity budgets.

GLOBAL INSIGHT
54% of surveyed organizations’ CISOs report to the CIO
25% of surveyed organizations’ CISOs report to the CEO

VERTICAL INSIGHT
62% of the CISOs in the Communications sector report to the CIO
32% of the CISOs in the ENU sector report to the CEO

Consequences of Cyber Attacks

Cyber attacks in today’s hyper-digital world can have serious business consequences for organizations, with both direct and indirect economic costs that go beyond what enterprises have experienced in the past. Cyber attack direct costs include regulatory fines and incident management expenses. Publicly-traded companies can suffer loss of short-term market capitalization due to share price dips. Organizations also suffer indirect economic costs after a publicly significant cyber incident, including brand damage, loss of consumer confidence and operational disruptions.

GLOBAL INSIGHT
75% of organizations highlighted damaged brand reputation as the key impact of cyberattacks



Figure 17: Cyberattack Consequences

A vast majority of organizations (75%) reported damage to brand reputation as the primary consequence of cyberattacks. Others reported loss of customers (42%), opportunity loss (42%), and regulatory fines (23%).



Security Budgets & Investments
Relative expansion despite austerity

Some 32% of organizations surveyed spent more than 10% of their annual IT budget on security, and 22% spent less than 4%. Due to the current financial headwinds, overall IT spending available at many organizations will come under pressure. CISOs will need to focus on advocating security capabilities that could help create and expand new revenue streams in areas like consumer identity.

Figure 18: Range of Percentage of Annual IT Budget allocated for Security

GLOBAL INSIGHT
32% of organizations spend greater than 10% of their overall IT budget on security

Businesses are investing in the following key capabilities:

• 79% identified security orchestration and automation—an important set of technologies that can help streamline costs and efficiently scale an enterprise’s defenses.

• 71% called out Zero Trust networks—the emerging standard for authentication in highly networked environments.

• 67% are investing in third-party risk management and supply chain security in response to the new multi-party risk in digital transformations.

• 46% of the organizations globally have indicated OT/IoT security as a priority area; however, the percentage of focus on OT security spend is higher for the ENU (56%) and Manufacturing (71%) sectors.

To manage costs, many organizations have invested in automation. Although automation may help to avoid simple
repetitive tasks, generative AI could soon improve detection processes in the expanding cloud environment attack
surfaces. CISOs are concerned about the security risks related to the increased use of generative AI. One step
organizations are taking in 2023 is restricting access to public AI systems.



Figure 19: Security investment priorities


Privacy Priorities in the Era of Record Fines

Over the last decade, data privacy has been a primary focus area for organizations due to more stringent
state, country, regional and international privacy rules. Recent heavy fines on leading technology firms have
put the spotlight back on the core principles of privacy and its intersection with data residency and
cross-border data transfers.



As the global regulatory landscape continues to change, 61% of organizations have prioritized regional (state/
country/continent) compliances, with 20% of organizations focused on international regimes. Only 19% of
the remaining organizations are planning to have privacy programs focused on enhancing customer trust
as opposed to meeting regulatory compliance. Data privacy is another area where AI might play a role, as AI
models can be trained to assess the privacy risks of advanced PII data.

Figure 20: Data privacy priorities


GLOBAL INSIGHT
61% of organizations have highlighted new and evolving localized privacy regimes to be a priority focus area



Data Security Controls
Quantum computing could assist bad actors in executing
sophisticated attacks on the enterprise and other digital
spaces.

With the adoption of IoT and Cloud technologies and with data
heavy use cases, the so-called 3 Vs of data – volume, velocity
and variety – have seen a massive uptick. Businesses need
to derive value from data while meeting the organization’s
obligations to comply with increasingly stringent privacy
regulations. Security teams have been tasked with developing
effective strategies for meeting these two objectives and
mitigating the threat of losing intellectual property (IP) and
non-public information (NPI).

Progress in quantum computing is the next frontier for security teams, representing both good and bad
use cases. Quantum computing could assist bad actors in executing sophisticated attacks on core assets
across enterprises, including digital currencies and blockchain apps.

Our research also explored which post-implementation data security controls provided the most value.
Privileged Access Management topped the list with a score of 8.72 out of 10, followed by Automated
Data Discovery & Classification (8.54), Encryption of PII/NPI (7.09) and DLP (6.93).

GLOBAL INSIGHT: Privileged Access Management, with a score of 8.72/10, was rated as the top data
security control

Figure 21: Top Data security controls

| DATA SECURITY CONTROLS | SCORE |
|---|---|
| Privileged Access Management | 8.72 |
| Automated Data Discovery & Classification | 8.54 |
| Encryption of PII/NPI (Non Public Information) Data Across the Databases | 7.09 |
| Data Leak Prevention (Network/End Points) | 6.93 |
| Encryption of PII/NPI Data | 6.18 |
| Data Activity Monitoring for Critical Production Databases | 5.71 |
| De-identification of Data in Non-production/QA Environments | 3.88 |
| Information Rights Management for Office/Email | 3.54 |
| Monitoring of Cloud Environments through CASB (Cloud Access Security Brokers) | 2.76 |
| Tokenization | 1.65 |

Future SOC Evolution
The Security Operations Center (SOC) of an enterprise keeps an eye on the enterprise’s digital
frontiers, analyzing layers of defensive controls put in place to block cyber intrusions.

However, since it is impossible to build foolproof defenses, it is vital that suitable monitoring is in
place to respond to attacks that break through. Many SOCs today are distributed using a “follow the
sun” model with collaborative teams across geographies using a shared technology stack in an
outsourced model.

Within its SOC, an enterprise needs the right blend of security operations, full stack engineering,
contextual threat intelligence, noiseless detection, threat hunting and incident response.

GLOBAL INSIGHT: 45% of organizations highlighted Tackling Unknown attacks through additional cognitive
detection capabilities as a priority for their SOCs

Figure 22: Top Priorities for the Future SOC

Addressing OT Security Risks
For decades, Operational Technology-heavy industries have kept their critical infrastructure segregated
physically and organizationally in the hands of domain operators. With the advent of digitization, the
need to connect these systems with regular IT environments has grown to meet the demand for real-time
data. But this has created a tech feedback loop. Connecting the OT environments to the IT environment
breaks the conventional air gap and expands the attack surface of critical infrastructure providers
making them targets for nation-state bad actors. Successful OT security implementations depend on good
partnerships between OT and IT teams that leverage industry best practices.

Of the surveyed organizations, 60% cited a “Shortfall of OT Cybersecurity skills” as a key barrier to
addressing OT security risks. This is followed by 59% who listed lack of awareness of OT threats as
their major barrier. Close to 35% highlighted their dependency on OEMs in the OT space for security
capability.

GLOBAL INSIGHT: 60% of organizations have highlighted that Shortfall of OT Cybersecurity skills is a
major barrier to address OT security risks

Figure 23: Barriers to address OT Security Risks

Prioritizing Cyber Hygiene
Cyber hygiene is a foundational issue that security professionals have been grappling with for ages. Despite
technological advancements, attackers continue to use timeless tactics to exploit weaknesses in software
and infrastructure stemming from poor cyber hygiene. Even the tools for scanning and assessment in this
space are commoditized, and many of the methods employed are standardized and outdated. This results in
less-than-ideal life cycles in many organizations, with huge imbalances between vulnerability identification
and post-identification remediation. Some vulnerabilities may be left aging for months, creating glaring
weaknesses in the system.

Figure 24: Most Challenging Phases of Vulnerability Lifecycle Management

Despite generational technology leaps, attackers have continued to use timeless tactics for exploiting
weaknesses in software and infrastructure that stem from bad cyber hygiene.

In our research, organizations identified various stages of the vulnerability management lifecycle. Asset
identification and discovery topped the list at 79% but can be considered a broader problem for IT at large.
Risk analysis prioritization was next at 68% followed by vulnerability scanning at 65%. Solving these top three
vulnerability lifecycle management challenges enables security teams to greatly enhance their knowledge of
attack paths, exploits in the wild, and the availability of patches or compensating controls to minimize risks by
remediating prioritized weaknesses.

IAM Priorities
In 2023, identity is the new perimeter of cybersecurity. The digital nature of today’s businesses has extended
the boundaries of identity management to cut across employees, partners and suppliers. But growth in the
different classes of IT assets has led to a corresponding growth of identities to sustain these environments.
The emergence of non-human identities— think IoT devices — and the impending expansion in identities
associated with generative AI ecosystems has made the landscape extremely complex.

Cost reductions through OpEx savings in IAM operations and a focus on digital transformation initiatives
involving Customer IAM (CIAM) will help IAM strategies become more business-aligned.

According to our research, 57% of the respondents highlighted OpEx reduction leveraging IAM-as-a-Service
as a key priority. Revenue generation by modernizing CIAM was cited by 42% of the surveyed organizations.
OpEx reduction helps the IT and Security organizations align to any austerity pressures, while CIAM helps the
business establish future revenue streams using security as a key enabler.

Figure 25: Identity Access Management priorities

GLOBAL INSIGHT: 57% of organizations highlighted OpEx reduction leveraging IAM as a Service as a key focus

Integrating Security into Business Transformation
Security technology capabilities such as low latency connectivity, sensorial awareness, pervasive data,
and large language-based cognition are driving significant transformations in the way the world does
business. This is particularly relevant in verticals such as Healthcare, Manufacturing, Banking &
Financial Services, Retail, Transportation, Consumer Goods and Energy & Utilities. However, many of
these transformative efforts do not factor in cyber risks at the inception stage, which leads to the
escalation of enterprise risk, project delays, cost overruns and a less-than-satisfying end-user
experience.

Digital transformation efforts are often accompanied by a lack of awareness of risks due to additional
attack surfaces emanating from new digital assets. This sometimes results in a less-than-adequate
effort to bolt on disparate security solutions for a quick fix. But successful risk management requires
a strategy-first approach with business-aligned, integrated solutions. To get there, organizations must
overcome common barriers.

According to our research, a majority of the respondents (63%) believe that the biggest barrier to
integrating security into business transformation is the lack of proper cyber talent, followed by
stricter timelines to execute appropriate security activities (50%) and the rise of new-age
technologies (47%).

GLOBAL INSIGHT: 63% of organizations consider lack of cyber talent as the biggest barrier in integrating
security into business transformation

Figure 26: Barriers to Integrating security into Business Transformation

Characteristics of a Modern Cyber Professional
The cybersecurity talent gap has put tremendous pressure
on security leadership and human resource teams to
find new talent, limit security team attrition and manage
operational costs. The skills required for cybersecurity
management range from deep tech expertise in areas
like threat hunting, to forensics, and regulatory and legal
knowledge. As business technology stacks evolve, the
pressure on cybersecurity teams increases to understand
the latest technologies and uncover weaknesses. Cloud,
IoT, AI/ML, and generative AI are just a few examples of new
technologies that have required security teams to track and
contain related risks. Domains such as OT Security have
required cybersecurity professionals to step into previously
unexplored roles and territories.

Because so much importance is placed on cybersecurity talent, our research employed a ranking process
that prioritized the skills and characteristics CISOs were looking for when recruiting and hiring
cybersecurity professionals.

Technical aptitude was the most important skill driving the hiring process, with a score of 6.3 out of
7, followed by cybersecurity certifications at 5.2. Relevant work experience in the cybersecurity field
came in third at 5.1. Note that respondents chose core cybersecurity knowledge and skills over softer
characteristics such as intellect, business knowledge and interpersonal skills. To overcome the
challenges around gaining alignment, overcoming conflicts, and finding common ground, cyber
professionals must have these soft skills along with their technical area of expertise, suggesting that
industry professionals may need to modify their over-reliance on tech expertise when evaluating new
hires.

GLOBAL INSIGHT: Technical aptitude is the topmost priority while hiring

Figure 27: What CISOs Look for in modern cybersecurity professionals?

Confidence in Cyber Controls


Cybersecurity is clearly at a crossroads. For more than a decade, the industry has been battling attacks that
keep increasing in frequency and impact. The enterprises’ understanding of cyber risk is getting better with more
robust assessments and with budget increases for laying down controls that were primarily preventive in nature.
Layers of detection are being added to catch attacks that cut through the defenses. But despite advances made in
technologies like AI/ML, cyber hygiene continues to be less than desirable, meaning many breaches occur without
the attackers needing to exponentially advance their sophistication. Now that attackers have greater access to
generative AI and machine learning (ML), they are poised to raise the technical sophistication bar.

As a result, security professionals are not exactly brimming with confidence in their ability to understand
cyber risks. Just 51% of the surveyed organizations are highly confident about their understanding of cyber
risks. Only 18% of organizations are highly confident in their ability to detect attacks that find their way
around preventive controls. And here’s the key data point: only 9% of organizations are highly confident about
their preparedness to quickly recover from a significant attack.

Figure 28: Confidence in cyber controls

GLOBAL INSIGHT: 51% of organizations are highly confident about their understanding of cyber risks, but
only 9% are highly confident about quickly recovering from a significant attack

SECTION III

STATE OF COLLABORATION

Organizations are exposed to risk by failing to include and manage key stakeholders — both internal and
external — in the enterprise’s security ecosystem.

This section examines the practical barriers to information sharing with stakeholders both inside and
outside the so-called ‘four walls of the enterprise.’ A critical factor for cyber resilience success is
collaboration among all stakeholders and the ability to manage risk from third-party suppliers.

We also look at the value of running simulation exercises as a way to prepare for inevitable attacks,
and the importance of engaging the board in these exercises. Even the most robust risk management
programs will sometimes fail, and that’s why cyber insurance is a critical component. But it’s
important to understand the limitations of cyber insurance, which does not cover some major enterprise
risks.

Barriers to Threat Intelligence Sharing
While collaboration is generally regarded positively in the cybersecurity world, there are practical
and legal reasons for the enterprise to limit open information sharing.

Organizations build threat information sharing relationships solely to prevent cyberattacks. The shared
information could be details about the latest attacks, identification of potential cyber actors,
strategies and tactics used by those cyber actors and the company’s response to attacks and breaches.
There are many benefits to exchanging cyber threat intelligence information, including speeding up
threat awareness, developing new technology for averting and responding to cyberattacks and reducing
long-term cybersecurity expenditures. But while collaboration is generally regarded positively in the
cybersecurity world, there are practical and legal reasons for the enterprise to limit open information
sharing.

We asked our survey respondents what stops them from sharing intelligence information with external
stakeholders.

Figure 29: Challenges in Threat Intel Sharing

The top three reasons were:

• Trust and privacy

• Potential lawsuits (after disclosure of an attack), and

• Cross-border regulatory issues

By far, trust and privacy is the top barrier to information sharing, with close to 59% of the
respondents saying it’s their biggest concern. Organizations often fear that disclosing any cyberattack
might cause huge damage to their reputation and strike fear among their customers, ultimately impacting
their financials. As we observed earlier in this report, damage to one’s brand is the top concern of
75% of all CISOs.

GLOBAL INSIGHT: 59% of organizations consider ‘Trust and Privacy’ as the major challenge in sharing
threat intel

Third-Party Collaboration
Considering the pace that organizations are
expanding physically and digitally, third-party
collaboration has become a necessity—but it
presents strategic, operational, technological and
regulatory challenges.

Third-party collaboration is generally favored by organizations that rely on multiple vendors and
partners to provide more efficient and agile services to their stakeholders. These collaborations also
help organizations expand their revenue base by serving wider geographical areas. Considering the pace
that organizations are expanding physically and digitally, such third-party collaboration has become a
necessity. But it presents strategic, operational, technological and regulatory challenges due to a
number of risk factors across the third-party ecosystems, including:

• Outdated software patches

• Non-compliance to data regulatory requirements such as the General Data Protection Regulation (GDPR).

• Fines resulting from regulatory non-compliance

• Insufficient security verifications

• Infrequent audits to check cybersecurity posture

According to our research, 35% of organizations said their third-party suppliers reported a security
breach in the past year. About 37% of organizations use formal Third-Party Risk Management (TPRM)
software that conducts automatic third-party screenings and risk-area decision tracking. However, 20%
of survey respondents still use basic tools like Microsoft Word and Excel to keep track of third-party
cyber risks. As noted in the executive summary, third-party supplier reporting needs to be better
managed.

Figure 30: Approaches to Third-Party Risk Monitoring

GLOBAL INSIGHTS: Only 37% of organizations use formal TPRM software. More than one third (35%) of
organizations experienced their third-party supplier getting breached.

Figure 31: Organizations Whose Third-Party Suppliers Experienced Security Breaches

Simulation Exercises
Only 4% of respondents had not conducted any sort of crisis or incident response exercises in the last
two years. Only 27% of the surveyed organizations witnessed participation of board members in
simulation exercises.

One of the most impactful ways for an organization to diagnose its cybersecurity defenses is to conduct
cyberattack simulation exercises. Simulations can train employees to respond effectively in different
scenarios to minimize damages.

Well-planned and orchestrated cyberattack simulation exercises can also help organizations discover the
blind spots in their systems that threat actors may use as breach access points. Simulations can also
help analysts look at the organization’s cybersecurity posture from the attacker’s point of view,
giving them greater insight into how to secure their devices, systems and networks.

In our survey, we learned that in the last two years, 84% of the respondent organizations had conducted
tabletop exercises that included the IT Security team, and 79% of the organizations involved the IT
operations team. This shows that major organizations are proactively developing a better cybersecurity
posture through simulation. We’ve discussed the importance of engaging the board in all aspects of
cybersecurity strategic planning, and this includes board participation in simulation exercises. But
almost three-quarters (73%) of surveyed organizations did not include board directors in their
exercises. Board involvement is a golden opportunity for companies to improve collaboration efforts.
Only 27% of the surveyed organizations witnessed participation of board members in simulation
exercises. This may be the one place where many organizations can improve their ability to collaborate.
Although tabletop exercises are a quick way to check for cybersecurity preparedness, full-scale
functional simulations can give better insight into what a cybersecurity posture looks like. A
functional simulation with the collaboration of all relevant teams—including the board—will help
analyze potentially negative impacts in a real-time setting, which in turn helps to optimize responses
as part of an enterprise’s incident response playbook.

Figure 32: Stakeholder Engagement in Cybersecurity Simulation Exercise

GLOBAL INSIGHT: 27% of organizations showing active board participation in cybersecurity simulation
exercises

SECTORAL INSIGHT: Top three sectors witnessing highest participation of board members in cyber
simulation are: BFSI (43%), Communications (43%) and Technology (29%)

Figure 33: Areas not covered by Cyber Insurance Policy

The Limits of Cyber Insurance


The cyber threat landscape is evolving every day, and despite an organization’s efforts to implement the best
cybersecurity and regulatory measures, cyberattacks and data breaches remain a very real possibility that can have
catastrophic financial and reputational impacts on the enterprise. Adequate cybersecurity insurance is a necessity.
But a word of caution: while cyber insurance can help organizations cover some of the financial losses that arise
from cyberattacks and breaches, not all types of liability are covered, including some of the biggest exposures that
organizations face today.

Figure 33 suggests that insurance companies may need to produce plans that provide more coverage at a
reasonable premium. But here’s the challenge for insurance companies: they have struggled to diversify risk across
different domains and/or predict future risk based on past trends as a result of rapidly evolving threat scenarios.
This results in higher premiums. And in most cases, the calculation of exact damages is difficult because of the
nature of the attacks and the cascading damage that follows.

At the very least, organizations need to take a hard look at cyber insurance as a method of managing cyber
and ask, “Are we adequately protected?” This is a conversation that CISOs might have with the CFO or head of
risk management, both of whom have the expertise and tools to evaluate cyber and regulatory risk. They could
become part of the collaborative team.

SECTION IV

FUTURE OF CYBERSECURITY

Introduction: The long view on patent submissions

One way to identify future cyber technology trends is to analyze patent submissions. It’s important to
gain insights into how organizations are making investments and how they are protecting them with
patents. Generally, it takes years for a new technology to begin maturing. Consider generative AI,
which is currently experiencing unprecedented growth. Generative AI has been in R&D for many years, but
is only making headlines now. We take a long view on the future of cybersecurity that is tied to the
premise that patents highlight the beginning of a process designed to push technology solutions forward
and eventually drive new revenue streams. As the noted futurist Ray Kurzweil has suggested, the future
comes faster than one thinks. As disruptive technologies accelerate, CISOs may need to think like
futurists to stay ahead of security innovations.

Research Scope

This research was conducted for nine cybersecurity practice areas like Data Security, Application
Security, Network Security, Cloud Security, Endpoint security etc. across top six key emerging
technologies, Artificial Intelligence (AI) / Machine Learning (ML), Blockchain, Internet of Things
(IoT), 5G, Quantum Computing, and Digital Twin. This analysis was performed by scanning patents
submitted from 2018 onwards covering all geographies. More specifically, this technology trend analysis
focuses on twenty-one countries. This analysis also tries to map patent submission activities in
cybersecurity patent tech radar areas.

Cybersecurity Patent Submission Trend

It is observed that, since 2018, 24900+ patent families (technology inventions) have been submitted in
the cross-section of relevant cybersecurity practice areas, industry domains and technologies. Every
year, starting from 2018, there was an increase in number of patent submissions. This specifies that
there is an increased emphasis in research, technology growth and its adoption in cybersecurity. It is
worth noting that the data for 2021 and 2022 is incomplete (due to standard time lag in publication
procedure at patent offices across the world) and is expected to be higher when all the patent
applications submitted at different patent offices are published. Consequently, the aggregated patent
submission numbers shown here for the years 2019, 2020 would be higher than the numbers reported in the
previous editions of SOCR.

Figure 34: Year-Wise Cybersecurity Patent Submission Trend

Which countries are leading the race in patent submissions?
Although China leads in overall submissions, the race for global dominance in new technology patents is
still in the early stages. Any concerns regarding the geopolitical implications of China’s domestic
filings may be premature.

Our data show that China today is leading in total patents filed, with more than 19,000 in 2022. The
U.S. was second, with more than 4,500 patents filed. It’s important to note that only 6% of the Chinese
patents were submitted in the U.S. and other geographies. This suggests that Chinese patents are
largely domestic and unprotected outside China.

The reality is that while China leads in overall submissions, the race for global dominance in new
technology patents is still in the early stages. Any concerns regarding the geopolitical implications
of China’s domestic filings may be premature.

Many of the patents filed by China and the U.S. are in different technology domains. Most of the U.S.
patents are related to data security, device security and network protection. Many China-filed patents
pertain to cloud security, threat intelligence using AI / ML and blockchain.

Figure 35: Geography Wise Cybersecurity Patent Count on a Logarithmic Scale

Which Industry Sectors are Most Impacted by these Patents?
For technology organizations, AI/ML patents are leading
the way. AI/ML has already been leveraged to address both
practical and complex problems in the cybersecurity space.

The three most impacted industry domains for cyber patents are:

• Consumer

• Healthcare

• Technology

Consumer industry
Within the consumer industry domain, most patent
submissions have been in media, followed by travel and
hospitality. The greatest number of submissions have been
related to user account security, privacy protection, and
personally identifiable information (PII).

Healthcare industry

In healthcare, most of the patent submissions have been related to the protection of PII and digital
patient medical records. In the medical device subdomain, most submissions were related to
intrusion/detection protection, software supply chain security, and device access management.

Technology industry

For technology organizations, AI/ML patents are leading
the way. Dominating headlines for the past two years —
thanks to the meteoric rise of generative AI — AI/ML has
already been leveraged to address both practical and
complex problems in the cybersecurity space. The CEOs
of a number of top technology companies — including
hardware firms and consumer tech giants — have
announced plans to integrate generative AI into every
application and device. Other emerging technologies, such
as 5G and quantum computing, have gained early adoption
but still have great headroom to grow. These technologies
offer tremendous opportunities to streamline processes
and expand security capabilities, but they may also
multiply enterprise risk exposures.

Figure 36: Cross-Section of Industry Domain and Emerging Technologies in Cybersecurity

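| S. No | Sector | Sub-Sector | Digital Twin | Quantum Computing | 5G | IoT | Blockchain | AI/ML |
|---|---|---|---|---|---|---|---|---|
| | | Securities and Investment Banking | 24 | 11 | 63 | 38 | 120 | 143 |
| 1 | BFSI | Insurance | 3 | 5 | 10 | 22 | 79 | 248 |
| | | Banking | 4 | 23 | 56 | 109 | 508 | 422 |
| 2 | COMM | Comms | 4 | 21 | 155 | 222 | 104 | 221 |
| | | Consumer Goods | 7 | 3 | 15 | 64 | 119 | 101 |
| | | Education | 2 | 8 | 2 | 5 | 2 | 24 |
| | | Media | 14 | 30 | 205 | 212 | 235 | 448 |
| | | Travel & Hospitality | 6 | 13 | 75 | 101 | 79 | 330 |
| 3 | Consumer | | | | | | | |
| | | Retail | 6 | 2 | 26 | 70 | 169 | 173 |
| | | Transportation | 19 | 10 | 20 | 37 | 25 | 102 |
| | | Public Services | 2 | 5 | 30 | 72 | 137 | 147 |
| | | Distribution | 7 | 10 | 5 | 8 | 17 | 76 |
| | | Engineering & Construction | 20 | 21 | 64 | 229 | 114 | 204 |
| 4 | ENU | Utilities | 4 | 9 | 8 | 23 | 8 | 32 |
| | | Resources-Oil & Gas, Mining | 2 | 5 | 7 | 37 | 30 | 97 |
| | | Information Services | 3 | 2 | 21 | 66 | 137 | 92 |
| | | Medical Devices | 8 | 6 | 17 | 37 | 58 | 170 |
| 5 | Health | | | | | | | |
| | | Healthcare | 14 | 32 | 239 | 292 | 310 | 640 |
| | | Life Sciences | 5 | 4 | 133 | 47 | 52 | 251 |
| | | Industrial Product Manufacturing (IPM) | 7 | 38 | 98 | 342 | 265 | 509 |
| 6 | MFG | | | | | | | |
| | | Auto | 4 | 5 | 78 | 243 | 97 | 308 |
| | | Network Equipment Providers (NEP) | 1 | 32 | 96 | 155 | 59 | 144 |
| 7 | TECH | Semiconductor, Computing, Storage & Peripherals | 4 | 9 | 15 | 35 | 97 | 338 |
| | | Consumer Electronics And Peripherals | 9 | 15 | 212 | 349 | 296 | 437 |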

Figure 37: Cybersecurity Patent Tech Radar

Figure 37 shows how IoT security led the race before 2023 with more than 2,400 technological inventions. It
was followed by homomorphic encryption with over 1,700 patent families, and decentralized identity with
more than 1,400 patent families in just the past few years. The adoption of homomorphic encryption, DID, OT
security, and breach and attack simulation were at least partially responsible for the significant growth in
patent filings. Other areas have seen relatively modest growth. Newer entrants, such as XDR, serverless and
function security, external attack surface management, and cloud infrastructure entitlement management,
appear to be gaining some momentum.

It is notable that IoT and decentralized identity are at the top of this analysis. It is a reminder of where the
internet is going, with the recent trend of decentralization at the heart of IoT and Web3. These are technologies
that are adaptive to major architectural shifts in modern IT, and CISOs should keep them on their radar.

SECTORAL INSIGHT: The top domains for new cyber patents over the past few years are IoT, Homomorphic
Encryption and Decentralized Identity

Patent Technology Trends at the Cross-Section of Cybersecurity Practice Areas

Blockchain and AI/ML – two of the most disruptive technologies to rise over the last few years – are
among the emerging technologies poised for future impact. Other notable contenders include 5G and in
the more distant future, quantum computing. Here’s a by-the-numbers look at patent filings across four
core practice areas:

SECTORAL INSIGHT: There are several emerging technologies that will impact cybersecurity in the near
future including AI/ML, 5G and Quantum Computing

• Data security: A deep dive into patent submissions in data security reveals that protection against
unauthorized access is enabled by unique mechanisms of data encryption, tokenization, and key
management across all applications and platforms.

• Device security: In device security practice, AI/ML leads in patent filings (2,335) followed by blockchain
(1,144), IoT (802), 5G (697), digital twin (476), and quantum computing (196).

• Network security: In network security, AI/ML (2,057) again dominates, followed by blockchain (768), IoT
(756), 5G (645), quantum computing (84), and digital twin (83).

• Technology implementation: AI/ML again dominates the field, followed by blockchain, IoT, and 5G. Digital
twins and quantum computing appear to be gaining momentum in this practice area.

Figure 38: Patents in the Cross-Section of Cybersecurity Practice Areas and Emerging Technologies

Methodology & Demographics

Wipro developed the State of Cybersecurity Report 2023 following a three-pronged methodology

The primary research (external) involved surveying security leadership throughout US, Europe and APMEA
geographies. A questionnaire with 30 questions about trends, governance, security practices, collaboration
and best practices was administered over two months. The survey was anonymous, and the responses were
processed at an aggregated level to arrive at insights. The CDC research was conducted on aggregated data
from Wipro’s CDCs across North America, Europe, India, the Middle East, and the APAC region.

The secondary research, carried out by the SOCR core team, involved various public databases and research
platforms to supplement the primary research and correlate trends in the cybersecurity domain. This year,
Wipro collaborated with our Ventures partners, security product partners, and academia to bring together
their perspectives on the changing cybersecurity landscape.

Respondent’s Geography

Organizations Surveyed: By Vertical

Key Statistics: Making of SOCR 2023

• 345 organizations surveyed across 21 countries

• 24,900+ patents filed worldwide over last five years are analyzed

• 1,100+ nation-state attack data of last 5 years analyzed

• 28 associated partners

• 23 countries data protection laws are analyzed

Associated Partners

About Wipro

Wipro CRS is a leading cybersecurity consulting firm and the trusted cybersecurity transformation and risk
services partner to global enterprises. We enable digital transformations that drive operational growth, defend
business operations and build future-proof cyber resilience at scale using a strategy-first, business-aligned
approach.

Wipro CyberTransform℠ is our integrated suite of cybersecurity services that includes strategy and
implementation. Wipro CyberShield℠ is our industry-leading suite of managed services. Together, these
comprehensive cyber offerings empower organizations to protect against current and future threats and
maintain compliance across the constantly evolving cybersecurity and regulatory landscape.

Cyber Defense Centers


Our expert CyberSecurists deliver managed and hosted services out of Cyber Defense Centers strategically
located around the globe, ensuring we are always close to our 600+ customers.



Holistic end-to-end cybersecurity services
Our award-winning service portfolio and consulting capabilities include strategy, implementation and managed
services delivered across five practice areas.



Connect with Wipro

To contact us about Wipro’s cybersecurity and risk services,
please visit: wipro.com/cybersecurity-experts.

Americas 1

Rajesh Pillai
Head of Americas 1

• Healthcare and Medical Devices
• Consumer Goods and Lifesciences
• Retail, Transportation and Services
• Communications, Media and Information services
• Technology Products and Platforms
• Latin America (LATAM)

Americas 2

Mark Vanston
Head of Americas 2

• Banking, Financial Services
• Security, Investment Banking and Insurance
• Hi-tech
• Energy, Natural Resources and Utilities (ENU)
• Manufacturing
• Canada

Europe

John Hermans
Head of Europe

Asia Pacific • Middle East • Africa

Rene Morel
Head of APMEA



Authors

Chief Editor

Josey V George
General Manager, Cybersecurity & Risk Services

Core Research, Content and Editorial Team

Moumila Das
Sub-Editor
Senior Consultant, Cybersecurity & Risk Services

Karthikeyan S
Consultant, Cybersecurity & Risk Services

Sayan Sarkar
Consultant, Cybersecurity & Risk Services

Content & Research Inputs

Sudipta Ghosh
Head - Intellectual Property Management

CDC Engineering Team
Cybersecurity & Risk Services

References
• https://www.cfr.org/cyber-operations/
• https://www.sec.gov/rules/proposed/2022/33-11038.pdf
• https://iapp.org/resources/
• https://piwik.pro/privacy-laws-around-globe/
• https://www.dlapiperdataprotection.com/

Disclaimer:
This document is an informatory report on cybersecurity and cyber risk and should not be misconstrued as professional consultancy. No warranty
or representation, expressed or implied, is made by Wipro on the content and information shared in this report. In no event shall Wipro or any
of its employees, officers, directors, consultants or agents become liable to users of this report for the use of the data contained herein, or for
any loss or damage, consequential or otherwise. Some of the content and data have been contributed by partner companies or collected from
third-party sources with professional care and diligence, and have been reported herein; nonetheless, Wipro doesn’t warrant or represent the
accuracy and fitness for purpose of the content and data.
