Two-thirds of global organizations not prepared to recover from cyberattacks: IBM and Ponemon Institute study

Two-thirds (66%) of respondents to a study conducted by the Ponemon Institute have reported that their organization is not prepared to recover from cyberattacks.

Resilient, an IBM Company and sponsor of the report, and the Ponemon Institute, revealed the results of their annual 2016 Cyber Resilient Organization study on Wednesday. The study found that only 32% of IT and security professionals say their organization has a high level of cyber resilience – down slightly from 35% in 2015.

The survey features insight from more than 2,400 security and IT professionals from around the world, including the United States, United Kingdom, France, Germany, United Arab Emirates, Brazil and Australia, IBM said in a press release.

For the second straight year, the study showed that challenges with incident response are hindering cyber resilience, defined as “an organization’s ability to maintain its core purpose and integrity in the face of cyberattacks.” Seventy-five percent of respondents admitted that they do not have a formal cyber security incident response plan (CSIRP) that is applied consistently across the organization. Of those with a CSIRP in place, 52% have either not reviewed or updated the plan since it was put in place, or have no set plan for doing so, the study found. Additionally, 41% said the time to resolve a cyber incident has increased in the past 12 months, compared to only 31% who say it has decreased.

“This year’s cyber resilience study shows that organizations globally are still not prepared to manage and mitigate a cyberattack,” said John Bruce, CEO and co-founder of Resilient, in the release. “Security leaders can drive significant improvement by making incident response a top priority – focusing on planning, preparation, and intelligence.”

According to respondents, an incident response platform is among the most effective security technologies for helping organizations become cyber resilient, along with identity management and authentication, and intrusion detection and prevention systems.

“While companies are seeing the value of deploying an incident response plan, there is still a lag in having the appropriate people, processes and technologies in place,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “We are encouraged that this is becoming a more important part of an overall IT security strategy.”

The study also uncovered common barriers to cyber resilience: the majority – 66% – said that “insufficient planning and preparedness” was the top barrier. Respondents also indicated that the complexity of IT and businesses processes is increasing faster than their ability to prevent, detect, and respond to cyberattacks – leaving businesses vulnerable. This year, 46% of respondents said the “complexity of IT processes” is a significant barrier to achieving a high level of cyber resilience, up from 36% in 2015. Fifty-two per cent say “complexity of business processes” is a significant barrier, up from 47% in 2015, the release added.

Other study findings include:

• More than half (53%) of respondents said that they suffered at least one data breach in the past two years. Of those breached, 57% said that they had more than one data breach in the past two years;
• 74% said they faced threats due to human error in the past year;
• When examining the past two years, 74% said they have been compromised by malware on a frequent basis, and 64% have been compromised by phishing on a frequent basis;
• 23% of respondents have no incident response plan at all;
• 48% said their organization’s cyber resilience has either declined (4%) or not improved (44%) over the past 12 months; and
• 41% said the time to resolve a cyber incident has increased or increased significantly, while only 31% said it has decreased or decreased significantly.