Cybersecurity Incident Response Still Major Issue

Cybersecurity Incident Response Still Major Issue

Over 75% of respondents across the globe admitted that they do not have a formal cybersecurity incident response plan in place across their organization, according to research conducted by Ponemon Institute and sponsored by IBM Resilient.

More worryingly, half of the respondents reported that their incident response plan is either informal, ad-hoc or completely non-existent. 

However, nearly three-quarters (72%) of organizations report feeling more cyber-resilient today than last year and feel confident about their skilled personnel. This confidence may be misplaced, with the analysis revealing that 57% of respondents said the time to resolve an incident has increased, while 65% reported the severity of the attacks has increased. 

“Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important,” said Ted Julian, VP of product management and co-founder, IBM Resilient. “A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall cyber-resilience.”

With the General Data Protection Regulation (GDPR) coming into effect in May 2018, the lack of a consistent cybersecurity incident response plan could prove costly for businesses. However, most countries surveyed did not report confidence in their ability to comply with GDPR, which is concerning given the closeness of the deadline.

Furthermore, IBM found that the cost of a data breach was nearly $1m lower on average when organizations were able to contain the breach in less than 30 days, showing the financial benefits of having a good response plan in place.

“A sharp focus in a few crucial areas can make a big difference when it comes to cyber-resilience,” said Dr. Larry Ponemon. “Ensuring the security function is equipped with a proper incident response plan, staffing, and budget will lead to a stronger security posture and better overall cyber-resilience."

Source: Information Security Magazine