IBM Security released a report showcasing the results of a global study exploring organizations’ preparedness when it comes to withstanding and recovering from a cyber attack.
The study, conducted by the Ponemon Institute on behalf of IBM, found that a vast majority of organizations surveyed are still unprepared to properly respond to the cybersecurity incident. Some of the key results if the study is:
- 77% of respondents indicating they do not have a cybersecurity incident response plan applied consistently across the enterprise.
- Of the organizations surveyed that do have a plan in place, more than half (54%) do not test their plans regularly. Nearly half of respondents (46%) say that their organization has yet to realize full compliance with GDPR, even as the one-year anniversary of the legislation quickly approaches.
- The study also shows that less than one-quarter of the respondents said their organization significantly uses automation technologies, while only 30% of respondents reported that staffing for cybersecurity is sufficient to achieve a high level of cyber resilience.
- 62% of respondents indicated that aligning privacy and cybersecurity roles is essential or very important to achieving cyber resilience within their organizations.
- When the respondents were asked if their organization leveraged automation, only 23% of them said they were significant users, while 77% reported their organizations only use automation moderately, insignificantly or not at all.
“Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident. These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes, and technologies to sustain such a program,” said Ted Julian, Vice President of Product Management and Co-Founder, IBM Resilient. “When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach.”