Earlier this week, BAE Systems Applied Intelligence released their BAE Systems 2019 Incident Response Report. The report also carries the subtitle “Why Ignoring Incident Response Could Spell Disaster.” Perhaps unsurprisingly, the report found human error as the primary cause of most enterprise-level cybersecurity incidents. Further, the survey found many enterprises completely unprepared for a security breach with inadequate incident response plans.
Indeed, many enterprises’ cybersecurity incidents stem from a social engineering attack or similar exploitation of employees’ ignorance, negligence, or simple honest mistakes. 71% of enterprises surveyed said they experienced a phishing incident, the most common form of social engineering attack. Yet many enterprises still don’t offer cybersecurity training to help employees recognize these threats beforehand.
Key Threat Statistics from BAE Systems
Other key findings from the BAE Systems 2019 Incident Response Report on the threat landscape include insights into the extent of enterprise attacks.
- 66% of surveyed enterprises responded to between 1 and 25 cybersecurity incidents per month.
- 26% faced between 25 and 99 incidents.
- 8% responded to 100 or more incidents per month.
- 65% of incidents started with an untargeted virus or malware attack.
- 30% began with a targeted attack such as ransomware or an insider threat.
Are You Prepared?
BAE Systems’ survey also found general unpreparedness among its enterprise respondents concerning their incident response plans.
- 22% of respondents only have temporary or no incident response resources.
- 23% of incident response teams don’t conduct readiness exercises with their senior management.
- 52% of enterprises rely on in-house incident investigation and response.
In response, BAE Systems provides a few suggested guiding questions to help enterprises improve their incident response plan and critically evaluate it. These include asking what events your enterprise considers a security incident, who identifies the incident, and who the incident manager is during an incident.
You can read the full BAE Systems 2019 Incident Response Report here.
Latest posts by Ben Canner (see all)
- Top Five SIEM Books for Cybersecurity Professionals - September 17, 2020
- The Staples Data Breach: Why “Low Impact” Breaches Still Cause Serious Damage - September 15, 2020
- Recent SIEM Statisitics for Cybersecurity Professionals: Q3 2020 - September 11, 2020