Responding to incidents is a challenge for pretty much every company in North America

A new report by IT analyst firm Enterprise Strategy Group sheds more light on the IR issue.


Both the efficiency and effectiveness of incident response (IR) teams in North American organisations are limited, due to the lack of qualified cybersecurity professionals, and the fact that these organisations rely heavily on manual resources. That is why, out of 100 IT pros, 97 per cent have either taken steps, or are considering automating and orchestrating incident response processes in the next 18 months. 

This is according to a new report by IT analyst firm Enterprise Strategy Group (ESG). 

“Nearly every organisation admits to challenges in the way they currently handle incident response, forcing them to look for other options. Big changes are coming,” said Jon Oltsik, senior principal analyst at ESG.  

“Based on input from practitioners in the field, it’s clear that organizations see the value of IR automation and orchestration and we’re just at the beginning of this trend.” The report says that 98 per cent of organisations are having trouble responding to incidents, while 71 per cent said incident response has become more difficult in the last two years. 

The three biggest challenges in IR are monitoring processes from one end to another (47 per cent), keeping up with the volume of data surrounding threats (46 per cent), and staying up to date with all the various security alerts (43 per cent). The report also says that CISOs have a ‘robust plan’ for IR spending in the next couple of years. 

More than nine in ten (91 per cent) will increase spending, with 40 per cent saying they will increase it ‘significantly’. No one said they would decrease spending, and half are planning on improving the alignment between IR and IT governance processes.

Image Credit: alphaspirit / Shutterstock