The incident response plan for almost half of companies is either informal/ad hoc or completely non-existent.
This is among the findings from an IBM Security study exploring the factors and challenges of being a cyber resilient organisation.
The study was conducted by Ponemon Institute and sponsored by IBM Resilient and found that 77% of respondents admit they do not have a formal cyber security incident response plan (CSIRP) applied consistently across their organisation.
Despite this lack of formal planning, 72% of organisations report feeling more cyber resilient today than they were last year. Highly resilient organisations (61%) attribute their confidence to their ability to hire skilled personnel – but organisations need both technology and people to be cyber resilient. In fact, 60% of respondents consider a lack of investment in AI and machine learning as the biggest barrier to cyber resilience.
This confidence may be misplaced, with the analysis revealing that 57% of respondents said the time to resolve an incident has increased, while 65% reported the severity of the attacks has increased. These areas represent some of the key factors impacting overall cyber resiliency. These problems are further compounded by just 31% of those surveyed having an adequate cyber resilience budget in place and difficulty retaining and hiring IT security professionals (77%).
“Organisations may be feeling more cyber resilient today, and the biggest reason why was hiring skilled personnel,” says Ted Julian, vice-president: product management and co-founder of IBM Resilient. “Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important. A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall cyber resilience.”
The lack of a consistent CSIRP is a persistent trend each year despite a key finding from IBM’s “2017 Cost of a Data Breach Study”. The cost of a data breach was nearly $1-million lower on average when organizations were able to contain the breach in less than thirty days – highlighting the value and importance of having a strong CSIRP.
Other takeaways from the study include:
Staffing for cyber resilience-related activities is inadequate
* The second-biggest barrier to cyber resilience was having insufficient skilled personnel dedicated to cyber security.
* 29% of respondents reported having ideal staffing to achieve cyber resilience.
* 50% say their organisation’s current CISO or security leader has been in place for three years or less. Twenty-three percent report they do not currently have a CISO or security leader.
Organisations are not ready for GDPR
* The General Data Protection Regulation (GDPR) takes effect in May 2018 and will mandate that organizations have an incident response plan in place.
* 77% of respondents do not have an incident response plan that is applied consistently across the entire enterprise.
* Most countries surveyed do not report confidence in their ability to comply with GDPR.