IBM/Ponemon Survey: Businesses Still Struggling with Cybersecurity Incident Response


Although feeling more confident, most organizations are shaky at best when it comes to being prepared in terms of cybersecurity incident response, according to a new survey conducted by the Ponemon Institute and sponsored by IBM Resilient.

The survey features insight from more than 2,800 security and IT professionals globally, including the United StatesUnited Kingdom, France, Germany, Brazil, Asia-Pacific, Middle East and Australia.

IBM Resilient's Ted Julian

IBM Resilient’s Ted Julian

Ted Julian, IBM Resilient‘s vice president of product management and co-founder, tells Channel Partners the biggest takeaway for the channel is that organizations globally still have many areas to improve upon to achieve a high level of cyber resilience, or the “ability to maintain its core purpose and integrity in the face of cyberattacks.”

“This presents plenty of opportunities for channel partners to step in and fill these gaps,” he said. “The key stat in the report shows that 77 percent of respondents admit they do not have a formal cybersecurity incident response plan (CSIRP) applied consistently across their organization. This can be a huge opportunity for channel partners. Partners can assist their customers in helping them develop and implement security response plans, as well as run regular table top and simulation exercises to keep them relevant to changing threats.”

Despite this lack of formal planning, 72 percent of organizations report feeling more cyber resilient today than they were last year, according to the survey.

“But as we looked closely at the data, the numbers painted a different picture,” Julian said. “The average time it takes to resolve a security incident has increased, and the volume and severity of cyberattacks has increased. This is combined with the lack of a formal CSIRP, a stagnant security budget and lack of investment in artificial intelligence (AI) and machine learning. These factors highlight a need for improvement to achieve stronger cyber resilience — and an improvement that the channel can provide.”

Providing services that help to fill these gaps and provide guidance on formal CSIRPs is a “great way” for channel partners to help their customers better prepare for when incidents occur, Julian said.

“Perhaps more importantly is being properly aligned with customers,” he said. “Not being aligned can in some cases be the cause of cyberattacks, especially if partners are controlling the customer’s data. Another IBM study showed that the costs associated with data breaches can rise when a third-party partner is involved. The key for the channel is to be proactive in establishing cross-functional plans with customers to help them deliver on best practices.”

The cost of a data breach was nearly $1 million lower on average when organizations were able to contain the breach in less than 30 days — highlighting the value and importance of having a strong CSIRP, according to IBM Resilient.

“A sharp focus in a few crucial areas can make a big difference when it comes to cyber resilience,” said Larry Ponemon, chairman of the Ponemon Institute. “Ensuring the security function is equipped with a proper incident response plan, staffing and budget will lead to a stronger security posture and better overall cyber resilience.”

Leave a comment

Your email address will not be published. Required fields are marked *

The ID is: 96834