IBM Security Study: Incident Response Plans More Important than More Staff?

IBM Security study incident response plan

IBM Security today announced the results of a survey, conducted by the Ponemon Institute ,of 2,800 security and IT professionals from around the globe. The results found a surprising optimism among enterprises concerning their cybersecurity.

72% of enterprises surveyed report feeling more fortified against cyber attacks than last year. 61% say their new-found confidence stems from hiring new cybersecurity professionals to their workforces. However, IBM Security noted that this optimism may be misplaced, based on the other findings in their survey:   

  • 77% of the IT specialists surveyed say their enterprise doesn’t have a formal incident response plan.
  • 57% of enterprises admitted the time of their incident resolution has increased in the past year.
  • 65% report seeing an increase in the severity of the cyber attacks they’ve faced.
  • Only 31% of security professionals feel they have a sufficient budget for cybersecurity.
  • 77% said that they still have difficulty hiring and retaining cybersecurity staff.
  • Only 29% of IT professionals say they have the right staff for adequate cybersecurity protection.
  • 23% says they do not have a cybersecurity leader.  
  • 50% say their cybersecurity leader has been in place for only 3 years or less.

Most worrying to IBM Security was the absence of incident response plans. Close to half of the respondents said their enterprise has an informal, ad hoc, or absolutely no incident response plan. According to Ted Julian, cofounder of IBM Resilient: “Organizations may be feeling more Cyber Resilient today, and the biggest reason why was hiring skilled personnel. Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important. A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall Cyber Resilience.”

In other words, without a proper incident response plan, all that talent and technology will operate without direction—and therefore, sub-optimally. GDPR, which will go into effect in May this year, will require enterprises that have an incident response plan. Most respondents do not feel confidence in compliance. Setting up an incident response plan can be the first step to building that confidence.     

 

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.
Ben Canner

Leave a Reply

Your email address will not be published. Required fields are marked *