The Global Breach Readiness Survey covered 170 companies across 30 countries and used the RSA-backed Security for Business Innovation Council as a benchmark for cybersecurity best practices, EMC said Tuesday.
Approximately 30 percent of all businesses surveyed do not have an incident response plan in place and 57 percent of organizations with incident response plans admitted that they do not review or update such documents.
“As business has become increasingly digital, information security has become a key area of operational risk and while many organizations may feel they have a good handle on their security, it is still rarely tied in to a larger operational risk strategy,” said Dave Martin, RSA chief trust officer.
RSA also found 72 percent of respondents have access to endpoint forensics or malware analysis tools.
However, only 42 percent use packet and network flow analyzers to examine advanced risks to networks, according to survey findings.
An SBIC study revealed that more than 90 percent of all council members said their organizations have implemented automated cyber defense platforms and strategies to cut their risk of future computer security incidents.