A vast majority of organizations are still unprepared to properly respond to cybersecurity incidents, a new report found.
Seventy-seven percent of respondents indicated they do not have a cybersecurity incident response plan applied consistently across the enterprise, according to the report conducted by Ponemon Institute on behalf of IBM Security.
While studies show companies that can respond quickly and efficiently to contain a cyberattack within 30 days save over $1 million on the total cost of a data breach on average, shortfalls in proper cybersecurity incident response planning have remained consistent over the past four years of the study.
Of the organizations surveyed that do have a plan in place, more than half (54 percent) do not test their plans regularly, which can leave them less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.
The difficulty cybersecurity teams are facing in implementing a cyber security incident response plan has also impacted businesses’ compliance with the General Data Protection Regulation (GDPR). Nearly half of respondents (46 percent) say their organization has yet to realize full compliance with GDPR, even as the one-year anniversary of the legislation quickly approaches.
“Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident,” said Ted Julian, vice president of product management and co-founder, IBM Resilient. “These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a program. When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach.”
Other takeaways from the study include:
• Automation in response still emerging – less than one-quarter of the respondents said their organization significantly uses automation technologies, such as identity management and authentication, incident response platforms and security information and event management (SIEM) tools, in their response process.
• Skills still not paying the bills – only 30 percent of respondents report staffing for cybersecurity is sufficient to achieve a high level of cyber resilience.
• Privacy and cybersecurity tied at hip – 62 percent of respondents indicate aligning privacy and cybersecurity roles is essential or very important to achieving cyber resilience within their organizations.
For the first time, this year’s study measured the impact of automation on cyber resilience. In the context of this research, automation refers to enabling security technologies that augment or replace human intervention in the identification and containment of cyber exploits or breaches. These technologies depend upon artificial intelligence, machine learning, analytics and orchestration.
When asked if their organization leveraged automation, 23 percent of respondents said they were significant users, whereas 77 percent reported their organizations only use automation moderately, insignificantly or not at all.
Click here to register for the study.