sb-eu logo
Story image

Businesses confident about their 'cyber resilience' - but 77% don't have an incident response plan

19 Mar 2018

The journey to becoming a ‘cyber resilient’ organization throws up all kinds of challenges but despite an apparent lack of planning, most are confident about their strategy than they were last year.

That is according to IBM and Ponemon’s latest Third Annual Study on the Cyber Resilient Organization, which polled 2800 respondents from Asia Pacific, Australia, the United States, the United Kingdom, France, Germany, Brazil, and the Middle East.

While 77% say they don’t have a formal cybersecurity incident response plan (CSIRP), 72% say they feel more cyber resilient today than they were in 2017.

They attribute that increase to their ability to hire skilled employees (61%) and 29% say they have ideal staffing to achieve cyber resilience. 77% have trouble retaining cybersecurity professionals.

IBM warns that organizations need technology and people to be truly cyber resilient.

“Organizations may be feeling more cyber resilient today, and the biggest reason why was hiring skilled personnel,” comments IBM VP of product management, Ted Julian.

According to the study, a lack of cybersecurity professionals was the biggest barrier to cyber resilience. 50% say their current CISO or security leader has been in their organisations for three years or less and 23% say they don’t have a CISO or security leader at all.

“Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important. A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall cyber resilience," Julian continues.

The biggest barrier to cyber resilience, according to respondents, is a lack of investment in machine learning and AI.  31% say they have an adequate cyber resilience budget in place.

Despite increased confidence in staffing ability, this may not translate into breach prevention effectiveness.

57% of respondents say their time to resolve an incident has increased and 65% say the severity of attacks has increased.

With GDPR coming into effect from May 2018, the survey also discovered that organizations are not ready.

77% do not have an incident response plan that is applied consistently across their entire enterprise.

“A sharp focus in a few crucial areas can make a big difference when it comes to cyber resilience,” comments Dr. Larry Ponemon.

IBM’s 2017 Cost of a Data Breach Study also found that when organizations are able to contain a breach within 30 days, it could shave $1 million off the financial costs.

IBM says this highlights the value and importance of having a cybersecurity incident response plan.

“Ensuring the security function is equipped with a proper incident response plan, staffing, and budget will lead to a stronger security posture and better overall cyber resilience," Ponemon concludes.

Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Remote staff overestimating knowledge of cybersecurity basics
‘Unconscious incompetence’ is one of the most difficult issues to identify and solve with security awareness training.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
High-tech heist: why fending off ransomware attacks is more challenging than ever in 2020
The COVID-19 crisis has unleashed a wave of sophisticated and disruptive ransomware attacks, and the onus is on businesses to ramp up their security measures if they’re to avoid falling victim, writes Attivo Networks regional director for A/NZ Jim Cook.More
Story image
Video: 10 Minute IT Jam – F-Secure talks APTs and the Lazarus Group
We spoke to F-Secure's director of detection and response, Matt Lawrence.More
Story image
CrowdStrike integrates with ServiceNow program to bolster incident response
As part of the move, users can now integrate device data from the CrowdStrike Falcon platform into their incident response process, allowing for the improvement of both the security and IT operation outcomes.More