According to a new Deloitte poll released this morning, 46% of executive-level respondents say their business or enterprise experienced a cybersecurity incident over the last year. Additionally, 1,500 surveyed executives say they are only “somewhat confident” in their enterprise’s threat response and remediation capabilities.
Some key findings from this new Deloitte poll include:
- 30% of C-Level executives said lack of employee understanding regarding cyber incident response plans is their enterprise’s biggest cybersecurity challenge.
- 20% said the biggest challenge is a lack of funding, tools, and skills to fully implement their cybersecurity.
- 34% of C-Level executives say they do not know their role with their enterprise’s incident response plan.
- 49% say they do not conduct cybersecurity wargame exercises.
In a statement Andrew Morrison, Principal at Deloitte Risk and Financial Advisory Cyber Risk Services, said: “We used to say it’s ‘not if, but when’ an organization will experience a cyber incident. That message has evolved well beyond a single incident to ‘how often’ or ‘how to respond to and withstand persistent attacks.’”
“Improving internal processes and providing employees with the knowledge, practice and skills needed to succeed can help organizations mitigate risk through preparedness, as well as increase overall business resilience to future attacks.”
Deloitte recommends enterprise conduct cybersecurity wargame exercises to help employees understand your enterprise’s incident response plan, hone their collective judgment capabilities, and improve their digital reflexes. These wargames need not be elaborate to begin with; they just need to have clear learning objectives and relate to a plausible cybersecurity scenario.
Deloitte is an audit, consulting, tax and advisory services provider. You can read more about their recent poll here.
Other Resources from Solution Review:
Latest posts by Ben Canner (see all)
- Next-Gen Security Analytics Should Form Your Cybersecurity Linchpin - April 19, 2019
- [VIDEO] Solutions Review Explores: What is SIEM? - April 16, 2019
- Enterprise SIEM Evolution; Cybersecurity Isn’t Static - April 15, 2019