If the company you work for is hit by a cyber attack, chances are it’s not ready to respond, according to a new survey from IBM.
Only 32 percent of companies participating in the study said they have what IBM calls a “high level of Cyber Resilience,” including an incident response plan.
Even where companies are prepared, 41 percent say the time to resolve a cyber incidence takes longer now than a year ago.
IBM-owned Resilient and the Ponemon Institute conducted the study.
Key takeaways include:
Companies are experiencing frequent and successful cyberattacks
- More than half (53 percent) say they suffered at least one data breach in the past two years
- 74 percent say they faced threats due to human error in the past year
- When examining the past two years, 74 percent say they have been compromised by malware on a frequent basis, and 64 percent have been compromised by phishing on a frequent basis
Organizations can’t maintain operations effectively or recover quickly post-attack
- 68 percent don’t believe their organizations have the ability to remain resilient in the wake of a cyberattack
- 66 percent aren’t confident in their organization’s ability to effectively recover from an attack
A lack of planning and preparation is the biggest barrier
- Only 25 percent have an incident response plan applied consistently across the organization. Twenty-three percent have no incident response plan at all
- Only 14 percent test their incident response plans more than one time per year
- 66 percent cite a lack of planning as their organization’s biggest barrier to becoming resilient to cyberattacks
Ability to respond to a cyberattack has not improved significantly
- 48 percent say their organization’s Cyber Resilience has either declined (4 percent) or not improved (44 percent) over the past 12 months
- 41 percent say the time to resolve a cyber incident has increased or increased significantly, while only 31 percent say it has decreased or decreased significantly
Read more about the study at: