Cybersecurity response planning rises but containing attacks remains an issue: IBM

While cybersecurity response planning is slowly improving, a vast majority of orgsations surveyed by IBM Security and Ponemon Institute (74 per cent) are still reporting that their plans are either ad-hoc, applied inconsistently or that they have no plans at all.

This lack of planning can impact the cost of security incidents as compes that have incident response teams and extensively test their incident response plans spend an average of 1.2 million dollars less on data breaches than those who have both of these cost-saving factors in place.

The study's results from India show that 45 per cent of respondents pointed to an increase in their cyber resilience. This change has been analysed in parameters throughout. Nearly 56 per cent of respondents claimed that the time to report an incident had improved while 55 per cent reported that their ability to contain the incident had improved.

And 46 per cent of respondents have been willing to stop cyber-attacks. Factors leading to an improved cyber resilience study by 45 per cent of respondents included recruiting professional workers, better practices in information governance and consistency in applications and data properties.

"While Indian orgsations have shown improvement in terms of their cyber resiliency by hiring skilled professionals and overall planning, there needs to be a lot more done to manage the dynamic cybersecurity landscape," said Vikas Arora, Vice President for IBM Cloud and Cognitive Software & Services for IBM India and South Asia.

"Orgsations need to look at testing their cybersecurity incident response plan regularly and leverage technologies like automation, artificial intelligence and interoperable solutions to help sail through any unforeseen situation," he said.

The global survey conducted by Ponemon Institute and sponsored by IBM Security found that respondents' security response efforts were hindered by the use of too many security tools, as well as a lack of specific playbooks for common attack types.

While orgsations surveyed have slowly improved in their ability to plan for, detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13 per cent during this same period.

The global survey found that respondents' security response efforts were hindered by the use of too many security tools as well as a lack of specific playbooks for common attack types.

"Orgsations must also focus on testing, practicing and reassessing their response plans regularly," said Wendi Whitmore, Vice President of IBM X-Force Threat Intelligence. "Leveraging interoperable technologies and automation can also help overcome complexity challenges and speed the time it takes to contain an incident."

Conducted by the Ponemon Institute and sponsored by IBM Security, the 2020 Cyber Resilient Orgsation Report is the fifth installment covering orgsations' ability to properly prepare for and handle cyberattacks.

The survey features insight from more than 3,400 security and IT professionals from around the world including the United States, India, Germany, United Kingdom, Brazil, Japan, Australia, France, Canada, ASEAN and the Middle East.

( With inputs from ANI )