Most companies have been unprepared to respond to cybersecurity incidents, revealed a global study by IBM Security. According to past editions of the study, this issue has plagued companies consistently over the past four years. While there are gaps in necessary automation and skills, the report showed that organisations are making privacy a top priority.
Some 77% of the respondents indicated they do not have a cybersecurity incident response plan applied consistently across the enterprise, while more than half of the organisations with a plan do not test their plans regularly. According to the report, testing is critical to effectively manage the complex processes and coordination that must take place in the wake of an attack. Ted Julian, vice president of product management and co-founder, IBM Resilient said,
Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident.
He added that the plans need to be stress-tested regularly and require full support from the board to invest in the necessary people, processes and technologies to sustain them. According to IBM's 2018 Cost of a Data Breach study, companies that can respond quickly and contain a cyberattack within 30 days save over $1 million on the total cost of a data breach on average.
But, there are positives. Organisations are recognising that collaboration between privacy and cybersecurity teams can improve cyber resilience - 62% indicated that aligning these teams is essential to achieving resilience. When asked what the top factor was in justifying cybersecurity spend, 56% of respondents cited information loss or theft. In addition, most respondents reported having a privacy leader employed, with 73% stating they have a chief privacy officer, further proving that data privacy has become a top priority in organisations.
Areas for improvement
Organisations with the extensive use of automation rate their ability to prevent (69% vs. 53%), detect (76% vs. 53%), respond (68% vs. 53%) and contain (74% vs. 49%) a cyberattack as higher than the overall sample of respondents.
However, less than one-quarter of the respondents said their organisations significantly uses automation technologies, such as identity management and authentication, incident response platforms and security information and event management tools, in their response process. The rest of them reported moderate or no use of automation at all.
Meanwhile, survey participants also reported a lack of staffing to properly maintain and test their incident response plans, with 10 to 20 open seats on cybersecurity teams. Most of them cited moderately high to high difficulty in hiring and retaining skilled cybersecurity personnel. In fact, only 30% of respondents reported that staffing for cybersecurity is sufficient to achieve a high level of cyber resilience.
Adding to the skills challenge, nearly half of respondents (48%) said their organisation deploys too many separate security tools, ultimately increasing operational complexity and reducing visibility into overall security posture.
Conducted by the Ponemon Institute and sponsored by IBM Resilient, "The 2019 Cyber Resilient Organization" is the fourth annual benchmark study on cyber resilience. The global survey features insight from more than 3,600 security and IT professionals from around the world, including the United States, Canada, United Kingdom, France, Germany, Brazil, Australia, Middle East and Asia Pacific.
Singapore most vulnerable to malicious URL cybersecurity attacks in SEA
PR in the era of cyber attacks: Winning back public trust after a data breach
Government to review data management after more security breaches found