Cyber-Security Incident Response Plans Lacking, IBM Reports
Defending against potential cyber-attacks isn’t just about prevention; it’s also about having the resilience to respond and recover.
Unfortunately, the majority of organizations aren’t properly prepared for cyber-security incident response, according to the 2019 Study on the Cyber Resilient Organization, released on April 11 by IBM Security. The report was conducted by the Ponemon Institute and is based on a global survey of 3,655 IT security professionals from around the world.
In this eWEEK Data Points article, we look at some of the key highlights from the study and what positive steps organizations can and should be taking to help improve cyber-resilience.
Data Point No. 1: Most organizations do not have a consistent incident response plan.
Seventy-seven percent of respondents admitted that their organization does not have a cyber-security incident response plan applied consistently across the enterprise.
“Although cyber-security is a high priority, often considered alongside other major business, we were surprised how few organizations reported having response plans in place,” Ted Julian, vice president of product management and co-founder of IBM Resilient, told eWEEK. “Given advancements in others areas of incident response, this is particularly baffling and worth investigating next year.” ..Read more..