Firms failing to implement watertight cyber security incident response plans

Without a fully tested plan, organisations may find a breach costs $1million more than those whose plans are tried and tested...

Cyber security

More than three quarters of businesses don't have a consistent cyber security incident response plan and half of businesses that do have one in place haven't tested them, according to research by Ponemon Institute.

Those who have thoroughly tested their plans are able to contain an attack within 30 days, which should offer some motivation to those not properly preparing for an incident. Indeed, on average, businesses that have a robust cybersecurity incident plan save over $1 million on the total cost of a data breach, according to the research, which was commissioned by IBM.

"Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident," Ted Julian, vice president of product management and co-founder of IBM Resilient.

Advertisement - Article continues below

"These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a program. When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach."

In addition, IBM said that not properly preparing for an incident could also lead to a business falling foul of the GDPR guidelines. Nearly half of businesses questioned in the research said they were not fully compliant with the GDPR.

Advertisement
Advertisement - Article continues below

One of the biggest barriers to being fully compliant and having a watertight strategy is that businesses still don't have the staffing they need for cyber security to be as secure as it could be.

IBM has suggested that cyber security incident management automation will become a more popular topic in future. Although businesses are already using automation for identity management and authentication, incident response platforms and security information and event management (SIEM) tools are still gaining popularity.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now
Advertisement

Recommended

Visit/security/encryption/355820/k2view-innovates-in-data-management-with-new-encryption-patent
encryption

K2View innovates in data management with new encryption patent

28 May 2020
Visit/software/video-conferencing/355410/zoom-50-adds-256-bit-encryption-and-ui-refresh
video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020
Visit/security/hacking/355382/whatsapps-flaw-shoulder-surfing
hacking

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
Visit/security/cyber-security/355368/microsoft-builds-ai-to-detect-security-flaws-with-99-accuracy
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Most Popular

Visit/infrastructure/server-storage/355785/dell-emc-poweredge-r7525-review-an-epyc-core-density-to-make
Server & storage

Dell EMC PowerEdge R7525 review: An EPYC core density to make Intel weep

26 May 2020
Visit/infrastructure/network-internet/355792/intel-releases-wi-fi-and-bluetooth-driver-updates-for
Network & Internet

Intel releases Wi-Fi and Bluetooth driver updates for Windows 10

26 May 2020
Visit/operating-systems/microsoft-windows/355781/microsoft-confirms-further-issues-with-troublesome
Microsoft Windows

Microsoft's latest Windows 10 update is causing yet more issues

26 May 2020