IT disaster recovery, cloud computing and information security news

More than three-quarters of businesses lack a formal cyber security incident response plan

IBM Security has published the results of a global study exploring the factors and challenges of being a cyber resilient organization. The study was conducted by Ponemon Institute and sponsored by IBM and found that 77 percent of respondents admit they do not have a formal cyber security incident response plan (CSIRP) applied consistently across their organization. Nearly half of the respondents reported that their incident response plan is either informal/ad hoc or completely non-existent.

Despite this lack of formal planning, 72 percent of organizations report feeling more cyber resilient today than they were last year. Highly resilient organizations (61 percent) attribute their confidence to their ability to hire skilled personnel – but organizations need both technology and people to be cyber resilient. In fact, 60 percent of respondents consider a lack of investment in AI and machine learning as the biggest barrier to cyber resilience.

This confidence may be misplaced, with the analysis revealing that 57 percent of respondents said the time to resolve an incident has increased, while 65 percent reported that the severity of the attacks has increased. These areas represent some of the key factors impacting overall cyber resiliency. These problems are further compounded by just 31 percent of those surveyed having an adequate cyber resilience budget in place and difficulty retaining and hiring IT security professionals (77 percent).

About the study

‘The 2018 Cyber Resilient Organization’ is the third annual benchmark study on cyber resilience – an organization’s ability to maintain its core purpose and integrity in the face of cyber attacks. The global survey features insight from more than 2,800 security and IT professionals from around the world, including the United States, United Kingdom, France, Germany, Brazil, Asia-Pacific, Middle East, and Australia.

More details.



Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

   

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.