
IBM and Ponemon Institute: no, business is still not ready for cyber attacks



IBM has long partnered with the Ponemon Institute to study how resilient the infrastructure of various companies and organizations is to cyber attacks. The study is called "Cyber Resilient Organization". The results were quite interesting. The assessment of the companies' readiness to confront cyber attacks came not from outside experts, but from the companies' own IT specialists.

So, the survey results are unambiguous. 66% of the respondents who took part in the 2016 study believe that their organizations are not ready for cyber attacks and for recovery after them. Only 32% of the polled experts reported that their companies have a high level of cyber defense. In 2015, the same indicator was 35%.

The main problem is that companies are not ready to respond quickly and effectively to cyber attacks. 75% of organizations have no plan at all for the event of an attack by intruders. Such a plan is usually called a Cyber Security Incident Response Plan. Among the organizations that did create such a plan, more than half have not revised or updated it after changes in their infrastructure. About 41% of respondents noted that the time it takes to resolve the problems caused by a cyber attack has increased significantly. At the same time, 31% of respondents believe that this figure has decreased in their organizations.
“A study of the resilience of enterprises to cybersecurity threats shows that in 2016 organizations around the world are still not ready to respond and neutralize incidents,” said John Bruce, head and co-founder of Resilient, IBM. “Security leaders can make significant improvements by making incident response a top priority and focusing on planning, preparing and gathering information.”

The interviewed experts believe that a so-called Incident Response Platform is one of the most effective security technologies, helping organizations of any type better counter attacks by cybercriminals. Additional tools, including identification, authentication, and intrusion detection and prevention systems, also help.

Among the reasons that prevent companies from coping with the consequences of cyber attacks, experts name the lack of planning and low preparedness for such attacks. Another significant factor is that the complexity of IT and business processes is growing very quickly. Information security specialists simply cannot keep up with this growth, which reduces the ability of companies to prevent, detect, and respond to cyber attacks. This year, about 46% of respondents named the increasing complexity of such processes as the main reason for the lack of effective information protection for businesses. This figure rose to the current level from 36% last year.



The main findings of the study


Companies undergo frequent and successful cyber attacks

• More than half of respondents (53%) suffered at least one data leak in the last two years;
• 74% of respondents said that over the past year they have faced cyber threats caused by the human factor;
• Evaluating the past two years, 74% of respondents said that they had been subjected to numerous hacker attacks, and 64% were repeatedly compromised using phishing.

Organizations cannot ensure continuous operation and recover quickly after attacks.

• 68% believe that their organizations are not able to resist cyber attacks;
• 66% are not sure that their company can recover effectively after an attack.

The biggest barrier is the lack of planning and preparation.

• Only 25% use an incident response plan. 23% have not adopted such a plan;
• Only 14% of respondents audit incident response plans more than once a year;
• 66% cite lack of planning as the biggest barrier preventing their organization from becoming resistant to cyber attacks.

The ability to respond to cyber attacks has not significantly improved

• 48% believe that their organization’s resistance to cyber attacks has decreased (4%) or has not improved (44%) in the past 12 months;
• 41% of respondents believe that the time needed to resolve a cybersecurity incident has increased or increased significantly, while 31% said it has decreased or decreased significantly.

Another study, recently conducted by the IBM Institute for Business Value, is related to this research. Its results demonstrated that reducing the response time to cybersecurity incidents is a key task for IT experts. Although many people understand this, the results remain the same: companies are largely unprepared to repel cyber attacks and eliminate their consequences. The problem is the shortage of qualified specialists.

“Companies understand the importance of using an incident response plan, but at the same time there is still a shortage of competent specialists, as well as relevant processes and technologies in the enterprise,” said Dr. Larry Ponemon. “We are pleased to note that this issue is becoming increasingly important in the overall information security strategy of companies.”

In total, more than 2.4 IT specialists from around the world took part in the IBM and Ponemon Institute study. In particular, experts from the USA, Great Britain, Brazil, Australia, the United Arab Emirates, France and other countries answered the questions of the authors of the study.

Source: https://habr.com/ru/post/400217/

