IBM Study: Security Response Planning on the Rise, But Containing Attacks Remains an Issue
CAMBRIDGE, Mass., June 30, 2020 /PRNewswire/ -- IBM (NYSE: IBM) Security today announced the results of a global report examining businesses' effectiveness in preparing for and responding to cyberattacks. While organizations surveyed have slowly improved in their ability to plan for, detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13% during this same period. The global survey conducted by Ponemon Institute and sponsored by IBM Security found that respondents' security response efforts were hindered by the use of too many security tools, as well as a lack of specific playbooks for common attack types.
While security response planning is slowly improving, the vast majority of organizations surveyed (74%) are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all. This lack of planning can impact the cost of security incidents, as companies that have incident response teams and extensively test their incident response plans spend an average of $1.2 million less on data breaches than those who have both of these cost-saving factors in place.1
The key findings of those surveyed from the fifth annual Cyber Resilient Organization Report include:
"While more organizations are taking incident response planning seriously, preparing for cyberattacks isn't a one and done activity," said Wendi Whitmore, Vice President of IBM X-Force Threat Intelligence. "Organizations must also focus on testing, practicing and reassessing their response plans regularly. Leveraging interoperable technologies and automation can also help overcome complexity challenges and speed the time it takes to contain an incident."
Updating Playbooks for Emerging Threats
Amongst the minority of responding organizations who do have attack-specific playbooks, the most common playbooks are for DDoS attacks (64%) and malware (57%). While these methods have historically been top issues for the enterprise, additional attack methods such as ransomware are on the rise. While ransomware attacks have spiked nearly 70% in recent years,2 only 45% of those in the survey using playbooks had designated plans for ransomware attacks.
Additionally, more than half (52%) of those with security response plans said they have never reviewed or have no set time period for reviewing or testing those plans. With business operations changing rapidly due to an increasingly remote workforce, and new attack techniques constantly being introduced, this data suggests that surveyed businesses may be relying on outdated response plans which don't reflect the current threat and business landscape.
More Tools Led to Worse Response Capabilities
These findings suggest that adopting more tools didn't necessarily improve security response efforts — in fact, it may have done the opposite. The use of open, interoperable platforms as well as automation technologies can help reduce the complexity of responding across disconnected tools. Amongst high-performing organizations in the report, 63% said the use of interoperable tools helped them improve their response to cyberattacks.
Better Planning Pays Off
Looking at specific reasons that these organizations cited for their ability to respond to attacks, security workforce skills were found to be a top factor. 61% of those surveyed attributed hiring skilled employees as a top reason for becoming more resilient; amongst those who said their resiliency did not improve, 41% cited the lack of skilled employees as the top reason.
Technology was another differentiator that helped organizations in the report become more cyber resilient, especially when it comes to tools that helped them resolve complexity. Looking at organizations with higher levels of cyber resilience, the top two factors cited for improving their level of cyber resilience were visibility into applications and data (57% selecting) and automation tools (55% selecting). Overall, the data suggests that surveyed organizations that were more mature in their response preparedness relied more heavily on technology innovations to become more resilient.
About the Study
Review the full report here: https://www.ibm.com/account/reg/us-en/signup?formid=urx-45839
Sign up for our correlating webinar taking place July 23 at 11:00 AM ET here: https://event.on24.com/wcc/r/2448121/9297B87DE7A378D816846835989BD762
About IBM Security
1 IBM Security and Ponemon Institute: 2019 Cost of a Data Breach Report
2 IBM Security, 2020 X-Force Threat Intelligence Index, (2020), p. 15
View original content to download multimedia:http://www.prnewswire.com/news-releases/ibm-study-security-response-planning-on-the-rise-but-containing-attacks-remains-an-issue-301085557.html