77% of Orgs Lack a Cybersecurity Incident Response Plan

The fourth annual benchmark on cyber resilience, authored by Larry Ponemon and paid for by IBM, shows that 77% of the organizations surveyed do not have a cybersecurity incident response program applied consistently across the organization.

Does your organization have an effective, trained and tested cybersecurity incident response program (CSIRP) that works across all parts of your organization?

Among organizations that said they do have a CSIRP, 54% said they do not test it regularly. That is more than half, and not testing a plan regularly is the equivalent of not having one.

Other results from the study include:

  • Fewer than 25% of the organizations say that they use significant automation in responding to breaches.
  • Only 30% said that they had sufficient cybersecurity staffing.
  • 62% said that aligning cybersecurity and privacy is critical to achieving cyber resilience.

There are some pretty clear recommendations that can be drawn from these results:

1. The three-quarters of organizations that do not have incident response plans need to create one (according to another study, having one significantly reduces the cost of a breach).

2. Organizations need to test their plans regularly.

3. Automation improves the speed and consistency of response. Without it, response is slower and less consistent.

4. Staffing is still an issue, and staffing with the right skills is a particular problem.

5. With all of the new privacy regulations (such as CCPA, GDPR and others), privacy incident management and security incident management need to be tightly aligned.

How well does your organization do?

Contact us if you need assistance in improving your program.

For more information on the study, go to Help Net Security's web site.
