More than half of organisations with cybersecurity plans fail to test them - IBM

IBM Security has announced the results of a global study exploring organisations’ preparedness when it comes to withstanding and recovering from a cyberattack. The study, conducted by the Ponemon Institute on behalf of IBM, found that a vast majority of organisations surveyed are still unprepared to properly respond to cybersecurity incidents, with 77 per cent of respondents indicating they do not have a cybersecurity incident response plan applied consistently across the enterprise.


While studies show that companies who can respond quickly and efficiently to contain a cyber attack within 30 days save over $1 million on the total cost of a data breach on average, shortfalls in proper cybersecurity incident response planning have remained consistent over the past four years of the study. Of the organizations surveyed that do have a plan in place, more than half (54 per cent) do not test their plans regularly, which can leave them less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.


The difficulty cybersecurity teams are facing in implementing a cybersecurity incident response plan has also impacted businesses’ compliance with the General Data Protection Regulation (GDPR). Nearly half of respondents (46 per cent say their organisation has yet to realize full compliance with GDPR, even as the one-year anniversary of the legislation quickly approaches.


“Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident. These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a program,” said Ted Julian, Vice President of Product Management and Co-Founder, IBM Resilient. “When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach.”


Download the full report here.

more news

65000 GDPR Data Breaches In Europe To Date


European privacy authorities have received almost 65,000 data breach notifications since the EU's new privacy law went into full effect. In addition, regulators in 11 European countries have imposed $63 million in General Data Protection Regulation fines.

read more

More than half of British firms 'report cyberattacks in 2019'


The proportion of UK firms reporting a cyberattack has jumped, despite most businesses admitting they are under-prepared for breaches, according to research from Hiscox reported by the BBC. The insurer found 55 per cent had faced an attack in 2019, up from 40 per cent last year.

read more

Sloppy IT Processes Risk Cyberattacks - McAfee


McAfee this week published a report that turns familiar survey findings on their heads by reporting that most cybersecurity breaches are the result of lax IT processes rather than mistakes made by end users.

read more

Cybercrime Soaring Reports MalwareBytes


Cybercrime is accelerating at a worrying rate, reports MalwareBytes in its Q1 2019 report. Every quarter that goes by shows more alarming data as to how much cybercrime activity is going on out there, with organizations and companies being called to face and deal with an increasing amount of threats, coming literally from everywhere.

read more