Organisations are losing the war against cybercriminals, and their cybersecurity efforts are slowly waning. This is according to a new report by Resilient (an IBM company) and the Ponemon Institute, which says that only 32 per cent of IT security pros consider their organisation highly cyber resilient. Last year, it was 35 per cent. Also, two thirds (66 per cent) don’t believe their organisations are prepared to recover from cyberattacks.
The biggest obstacle (still) seems to be incident response, as 75 per cent of respondents have said they don’t have a plan of action (Cyber Security Incident Response Plan – CSIRP). Those that do have CSIRP, more than half (52 per cent) haven’t reviewed or updated it since it was conceived. They also don’t plan on doing it. More than four in ten (41 per cent) said it now takes more time to handle a cyberincident, as well.
"This year’s Cyber Resilience study shows that organisations globally are still not prepared to manage and mitigate a cyberattack," said John Bruce, CEO and co-founder of Resilient, an IBM Company.
“Security leaders can drive significant improvement by making incident response a top priority – focusing on planning, preparation, and intelligence.” Still, incident response plans seem to be the most effective technology to help organisations combat cyber security incidents, the report concludes.
Image source: Shutterstock/AlexLMX