Over one-third of organisations globally that experienced a cyber attack in 2016 registered a revenue loss of more than 20 per cent, a new report has revealed.

According to global networking giant Cisco's annual report, 'Annual Cybersecurity Report 2017', more than 50 per cent of organisations faced public scrutiny after a security breach.

Operations and finance systems were the most affected, followed by brand reputation and customer retention, the report said.

Twenty-two per cent of breached organisations lost customers, 29 per cent lost revenue and 23 per cent lost business opportunities.

"In 2017, cyber is business and business is cyber -- that requires a different conversation and very different outcomes. Relentless improvement is required and that should be measured through efficacy, cost and well managed risk," said John N. Stewart, Senior Vice President Cisco.
 

The report is based on a survey spanning over 13 countries and including 3,000 chief security officers (CSOs).

Cyber attacks in 2016 became more "corporate" with digitisation creating more opportunities for cyber criminals.

Seventy-five per cent of the organisations investigated were infected by old-fashioned adware software that downloads advertising without user permission.

"One of our key metrics is the 'time to detection'. Cisco brought that number down to as low as six hours. A new metric -- the 'time to evolve' -- looked at how quickly threat actors changed their attacks to mask their identity," said David Ulevitch, Vice President (Security Business) Cisco.

The study suggested that security should be made a business priority and executive leadership must own and evangelise security and fund it as a priority.