More than half of organisations with cybersecurity plans fail to test them - IBM

IBM Security has announced the results of a global study exploring organisations’ preparedness when it comes to withstanding and recovering from a cyberattack. The study, conducted by the Ponemon Institute on behalf of IBM, found that a vast majority of organisations surveyed are still unprepared to properly respond to cybersecurity incidents, with 77 per cent of respondents indicating they do not have a cybersecurity incident response plan applied consistently across the enterprise.


While studies show that companies who can respond quickly and efficiently to contain a cyber attack within 30 days save over $1 million on the total cost of a data breach on average, shortfalls in proper cybersecurity incident response planning have remained consistent over the past four years of the study. Of the organizations surveyed that do have a plan in place, more than half (54 per cent) do not test their plans regularly, which can leave them less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.


The difficulty cybersecurity teams are facing in implementing a cybersecurity incident response plan has also impacted businesses’ compliance with the General Data Protection Regulation (GDPR). Nearly half of respondents (46 per cent say their organisation has yet to realize full compliance with GDPR, even as the one-year anniversary of the legislation quickly approaches.


“Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident. These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a program,” said Ted Julian, Vice President of Product Management and Co-Founder, IBM Resilient. “When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach.”


Download the full report here.

more news

Half Of Global Organisations Not Prepared For Cyberattacks


It is believed that more than 4,000 cyberattacks occur daily worldwide, but half of organisations across the globe admit they are not prepared for such events.

read more

Secure Your Physical Business Against Data Theft


Data theft does not just happen in cyberspace, but in the physical business environment, too. Lax physical security can allow criminals to access your computers, filing cabinets, documents left on desktops, etc. Here are some tips for you to ensure your everyday working environment is safe and secure.

read more

UK Launches Third NCSC Annual Review


Paymaster General and Minister for the Cabinet Office Oliver Dowden MP has launched the UK's National Cyber Security Centre's third Annual Review. In his presentation speech, he said: "Thank you, everyone, for joining us this morning. Cybersecurity is genuinely a massive priority for the government and it gives me great pleasure to launch the National Cyber Security Centre’s third Annual Review.

read more

Kaspersky Releases Information Security Report


To budget for information security, companies need to consider factors such as average potential losses, preferably by incident type, as well as other businesses’ average, outlays on security. Precise data on such questions do not get published, which is why Kaspersky conducts an annual survey of employees who make business decisions related to IT security for a variety of companies. The results of its 2019 survey have just been published.

read more