Responding to Cybersecurity Incidents Still a Major Challenge
March 21, 2018
Share this

A study conducted by Ponemon Institute and sponsored by IBM Resilient found that 77 percent of respondents admit they do not have a formal cyber security incident response plan (CSIRP) applied consistently across their organization.

Nearly half of the respondents reported that their incident response plan is either informal/ad hoc or completely non-existent.

Despite this lack of formal planning, 72 percent of organizations report feeling more Cyber Resilient today than they were last year. Highly resilient organizations (61 percent) attribute their confidence to their ability to hire skilled personnel — but organizations need both technology and people to be Cyber Resilient. In fact, 60 percent of respondents consider a lack of investment in AI and machine learning as the biggest barrier to Cyber Resilience.

This confidence may be misplaced, with the analysis revealing that 57 percent of respondents said the time to resolve an incident has increased, while 65 percent reported the severity of the attacks has increased. These areas represent some of the key factors impacting overall cyber resiliency. These problems are further compounded by just 31 percent of those surveyed having an adequate Cyber Resilience budget in place and difficulty retaining and hiring IT Security professionals (77 percent).

“Organizations may be feeling more Cyber Resilient today, and the biggest reason why was hiring skilled personnel,” said Ted Julian, VP of Product Management and Co-Founder, IBM Resilient. “Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important. A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall Cyber Resilience.”

The lack of a consistent CSIRP is a persistent trend each year despite a key finding from IBM’s 2017 Cost of a Data Breach Study. The cost of a data breach was nearly $1 million lower on average when organizations were able to contain the breach in less than thirty days — highlighting the value and importance of having a strong CSIRP.

“A sharp focus in a few crucial areas can make a big difference when it comes to Cyber Resilience,” said Dr. Larry Ponemon. “Ensuring the security function is equipped with a proper incident response plan, staffing, and budget will lead to a stronger security posture and better overall Cyber Resilience.”

About the Study: Conducted by the Ponemon Institute and sponsored by IBM Resilient, The 2018 Cyber Resilient Organization is the third annual benchmark study on Cyber Resilience — an organization’s ability to maintain its core purpose and integrity in the face of cyberattacks. The global survey features insight from more than 2,800 security and IT professionals from around the world, including the United States, United Kingdom, France, Germany, Brazil, Asia-Pacific, Middle East, and Australia.

Share this

The Latest

February 01, 2023

As organizations continue to adapt to a post-pandemic surge in cloud-based productivity, the 2023 State of the Network report from Viavi Solutions details how end-user awareness remains critical and explores the benefits — and challenges — of cloud and off-premises network modernization initiatives ...

February 01, 2023

In the network engineering world, many teams have yet to realize the immense benefit real-time collaboration tools can bring to a successful automation strategy. By integrating a collaboration platform into a network automation strategy — and taking advantage of being able to share responses, files, videos and even links to applications and device statuses — network teams can leverage these tools to manage, monitor and update their networks in real time, and improve the ways in which they manage their networks ...

January 31, 2023

A recent study revealed only an alarming 5% of IT decision makers who report having complete visibility into employee adoption and usage of company-issued applications, demonstrating they are often unknowingly careless when it comes to software investments that can ultimately be costly in terms of time and resources ...

January 30, 2023

Everyone has visibility into their multi-cloud networking environment, but only some are happy with what they see. Unfortunately, this continues a trend. According to EMA's latest research, most network teams have some end-to-end visibility across their multi-cloud networks. Still, only 23.6% are fully satisfied with their multi-cloud network monitoring and troubleshooting capabilities ...

January 26, 2023

As enterprises work to implement or improve their observability practices, tool sprawl is a very real phenomenon ... Tool sprawl can and does happen all across the organization. In this post, though, we'll focus specifically on how and why observability efforts often result in tool sprawl, some of the possible negative consequences of that sprawl, and we'll offer some advice on how to reduce or even avoid sprawl ...

January 25, 2023

As companies generate more data across their network footprints, they need network observability tools to help find meaning in that data for better decision-making and problem solving. It seems many companies believe that adding more tools leads to better and faster insights ... And yet, observability tools aren't meeting many companies' needs. In fact, adding more tools introduces new challenges ...

January 24, 2023

Driven by the need to create scalable, faster, and more agile systems, businesses are adopting cloud native approaches. But cloud native environments also come with an explosion of data and complexity that makes it harder for businesses to detect and remediate issues before everything comes to a screeching halt. Observability, if done right, can make it easier to mitigate these challenges and remediate incidents before they become major customer-impacting problems ...

January 23, 2023

The spiraling cost of energy is forcing public cloud providers to raise their prices significantly. A recent report by Canalys predicted that public cloud prices will jump by around 20% in the US and more than 30% in Europe in 2023. These steep price increases will test the conventional wisdom that moving to the cloud is a cheap computing alternative ...

January 19, 2023

Despite strong interest over the past decade, the actual investment in DX has been recent. While 100% of enterprises are now engaged with DX in some way, most (77%) have begun their DX journey within the past two years. And most are early stage, with a fourth (24%) at the discussion stage and half (49%) currently transforming. Only 27% say they have finished their DX efforts ...

January 18, 2023

While most thought that distraction and motivation would be the main contributors to low productivity in a work-from-home environment, many organizations discovered that it was gaps in their IT systems that created some of the most significant challenges ...