News

Firms failing to implement watertight cyber security incident response plans

Without a fully tested plan, organisations may find a breach costs $1million more than those whose plans are tried and tested...

15 Apr 2019

.polaris__post-meta--date { display: none; } .polaris__post-meta--date.no-script { display: block; padding-left: 45px } 15 Apr 2019

More than three quarters of businesses don't have a consistent cyber security incident response plan and half of businesses that do have one in place haven't tested them, according to research by Ponemon Institute.

Those who have thoroughly tested their plans are able to contain an attack within 30 days, which should offer some motivation to those not properly preparing for an incident. Indeed, on average, businesses that have a robust cybersecurity incident plan save over $1 million on the total cost of a data breach, according to the research, which was commissioned by IBM.

"Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident," Ted Julian, vice president of product management and co-founder of IBM Resilient.

"These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a program. When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach."

In addition, IBM said that not properly preparing for an incident could also lead to a business falling foul of the GDPR guidelines. Nearly half of businesses questioned in the research said they were not fully compliant with the GDPR.

One of the biggest barriers to being fully compliant and having a watertight strategy is that businesses still don't have the staffing they need for cyber security to be as secure as it could be.

IBM has suggested that cyber security incident management automation will become a more popular topic in future. Although businesses are already using automation for identity management and authentication, incident response platforms and security information and event management (SIEM) tools are still gaining popularity.

Security

Featured Resources

2021 Thales cloud security study

The challenges of cloud data protection and access management in a hybrid and multi cloud world

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1636719403/itpro/Whitepaper%20covers/Thales_cloud_security_cover.png { display: none !important; }

Free download

IDC agility assessment

The competitive advantage in adaptability

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1633441054/itpro/Whitepaper%20covers/IDC_Agility_Assessment_cover.png { display: none !important; }

Free Download

Digital transformation insights from CIOs for CIOs

Transformation pilotes, co-pilots, and engineers

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638446472/itpro/Whitepaper%20covers/Genpact_cover.png { display: none !important; }

Free download

What ITDMs did next - and what they should be doing now

Enable continued collaboration and communication for hybrid workers

.imgHideOnJavaScriptDisabled_https://media.itpro.co.uk//image/upload/f_auto,t_resource-card-mobile@1/v1638281303/itpro/Whitepaper%20covers/logitech_What_ITDMs_did_next.png { display: none !important; }

Firms failing to implement watertight cyber security incident response plans

Without a fully tested plan, organisations may find a breach costs $1million more than those whose plans are tried and tested...

Most Popular

Get the IT Pro newsletter

Get the free daily newsletter from IT Pro, delivering the latest news, reviews, insights and case studies