Nearly 77 per cent companies lack proper cyber security measures and almost half of them have either informal/ad hoc or completely non-existent response plans in case of a data breach, a global study said on Wednesday.
Despite the lack of formal planning, 72 per cent still feel more cyber resilient today than they were last year, said the study conducted by leading IT security research organisation Ponemon Institute and sponsored by IBM Resilient, an IBM company.
"In fact, 60 percent of respondents consider a lack of investment in Artificial Intelligence (AI) and Machine Learning (ML) as the biggest barrier to cyber resilience.
"A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall cyber resilience," said Ted Julian, Vice President of Product Management and Co-Founder, IBM Resilient.
Nearly 57 per cent of the respondents said the time to resolve an incident has increased while 65 per cent reported the severity of the attacks has increased.
"These areas represent some of the key factors impacting overall cyber resiliency. These problems are further compounded by just 31 per cent of those surveyed having an adequate cyber resilience budget in place and difficulty retaining and hiring IT Security professionals (77 per cent), the report noted.
The lack of a consistent CSIRP is a persistent trend each year despite a key finding from IBM’s 2017 Cost of a Data Breach Study. The cost of a data breach was nearly $1 million lower on average when organizations were able to contain the breach in less than thirty days – highlighting the value and importance of having a strong CSIRP.
The global survey features insight from more than 2,800 security and IT professionals from around the world, including the United States, United Kingdom, France, Germany, Brazil, Asia-Pacific, Middle East, and Australia.
“A sharp focus in a few crucial areas can make a big difference when it comes to Cyber Resilience,” said Dr. Larry Ponemon. “Ensuring the security function is equipped with a proper incident response plan, staffing, and budget will lead to a stronger security posture and better overall Cyber Resilience.”