Companies Not Ready for Attacks: Report

Thursday, November 17, 2016 @ 02:11 PM gHale

Companies’ cyber resilience is down slightly from last year, a new report found.

Thirty-two percent of IT and security professionals say their organization has a high level of cyber resilience – down slightly from 35 percent in 2015, according to a global study entitled “The 2016 Cyber Resilient Organization,” which involved 2,400 security and IT professionals, conducted by the Ponemon Institute for Resilient, an IBM Company.

Mfg Execs Weary of Cyber Protection
Cyber Plans in Place, Sort of: Report
Workers Unaware of Security Procedures
Potential of Proactive Cybersecurity: Report

The 2016 study also found 66 percent of respondents said their organization is not ready to recover if there was a cyberattack.

On top of that, 75 percent of respondents admitted they do not have a formal cyber security incident response plan that is applied consistently across the organization, according to the report.

Of those with an incident response plan in place, 52 percent have either not reviewed or updated the plan since it was put in place, or have no set plan for doing so.

For the second straight year, the study showed challenges with incident response (IR) are hindering cyber resilience.

Along those lines, 41 percent said the time to resolve a cyber incident has increased in the past 12 months, compared to only 31 percent who say it has decreased.

According to respondents, an incident response platform is among the most effective security technologies for helping organizations become cyber resilient, along with identity management and authentication, and intrusion detection and prevention systems.

The study also found common barriers to cyber resilience, where 66 percent of respondents said “insufficient planning and preparedness” was the top barrier to cyber resilience. Respondents also said the complexity of IT and businesses processes is increasing faster than their ability to prevent, detect, and respond to cyberattacks – leaving businesses vulnerable.

This year, 46 percent of respondents said the “complexity of IT processes” is a significant barrier to achieving a high level of cyber resilience, up from 36 percent in 2015. Fifty-two percent say “complexity of business processes” is a significant barrier, up from 47 percent in 2015.

Other key points from the survey found:
• 53 percent of respondents said they suffered at least one data breach in the past two years
• 74 percent said they faced threats due to human error in the past year
• When examining the past two years, 74 percent said they have been compromised by malware on a frequent basis, and 64 percent have been compromised by phishing on a frequent basis.
• 68 percent don’t believe their organizations have the ability to remain resilient in the wake of a cyberattack
• 66 percent aren’t confident in their organization’s ability to effectively recover from an attack.

Click here to register for the report.

Leave a Reply

You must be logged in to post a comment.