Story image

Businesses confident about their 'cyber resilience' - but 77% don't have an incident response plan

19 Mar 18

The journey to becoming a ‘cyber resilient’ organization throws up all kinds of challenges but despite an apparent lack of planning, most are confident about their strategy than they were last year.

That is according to IBM and Ponemon’s latest Third Annual Study on the Cyber Resilient Organization, which polled 2800 respondents from Asia Pacific, Australia, the United States, the United Kingdom, France, Germany, Brazil, and the Middle East.

While 77% say they don’t have a formal cybersecurity incident response plan (CSIRP), 72% say they feel more cyber resilient today than they were in 2017.

They attribute that increase to their ability to hire skilled employees (61%) and 29% say they have ideal staffing to achieve cyber resilience. 77% have trouble retaining cybersecurity professionals.

IBM warns that organizations need technology and people to be truly cyber resilient.

“Organizations may be feeling more cyber resilient today, and the biggest reason why was hiring skilled personnel,” comments IBM VP of product management, Ted Julian.

According to the study, a lack of cybersecurity professionals was the biggest barrier to cyber resilience. 50% say their current CISO or security leader has been in their organisations for three years or less and 23% say they don’t have a CISO or security leader at all.

“Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important. A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall cyber resilience," Julian continues.

The biggest barrier to cyber resilience, according to respondents, is a lack of investment in machine learning and AI.  31% say they have an adequate cyber resilience budget in place.

Despite increased confidence in staffing ability, this may not translate into breach prevention effectiveness.

57% of respondents say their time to resolve an incident has increased and 65% say the severity of attacks has increased.

With GDPR coming into effect from May 2018, the survey also discovered that organizations are not ready.

77% do not have an incident response plan that is applied consistently across their entire enterprise.

“A sharp focus in a few crucial areas can make a big difference when it comes to cyber resilience,” comments Dr. Larry Ponemon.

IBM’s 2017 Cost of a Data Breach Study also found that when organizations are able to contain a breach within 30 days, it could shave $1 million off the financial costs.

IBM says this highlights the value and importance of having a cybersecurity incident response plan.

“Ensuring the security function is equipped with a proper incident response plan, staffing, and budget will lead to a stronger security posture and better overall cyber resilience," Ponemon concludes.

Palo Alto Networks integrates RedLock and VM-Series with AWS Security Hub
AWS Security Hub is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status.
Juniper simplifies data integration to improve threat detection
Updates to the Juniper Advanced Threat Prevention Appliances leverage third-party firewalls and security data sources.
Is mobile shopping compromising your enterprise security?
When employees do their holiday shopping on company resources, security teams have a challenge with the surge in browsing and online transactions.
Different approach to malware detection needed – VMware
Security needs to move away from the traditional approach of chasing after arbitrary forms of malware.
Modernising ERP systems can help organisations comply with GDPR
“Organisations need to look for modern ERP systems that are specifically designed with GDPR in mind."
Cyber attacks develop complexity, target Windows sysad tools - report
The report explores changes in the threat landscape over the past year, uncovering trends and how they are expected to impact cybersecurity in 2019.
DanaBot banking Trojan: How to protect your organisation
DanaBot is a Trojan written in the Delphi programming language that includes banking site web injections and stealer functions.
Ping Identity announces new Identity-as-a-Service solution
PingOne for Customers is built for the developer community and provides API-based identity services for customer-facing applications.