A new study backed by the Ponemon Institute and IBM‘s Resilient subsidiary says 32 percent of information technology and security personnel claim there is a high level of cyber resilience in their organizations.
IBM said Wednesday Ponemon interviewed 2,400 security and IT respondents across the world for the Resilient-sponsored 2016 Cyber Resilient Organization study.
“This year’s Cyber Resilience study shows that organizations globally are still not prepared to manage and mitigate a cyberattack,” said John Bruce, Resilient CEO and co-founder.
“Security leaders can drive significant improvement by making incident response a top priority — focusing on planning, preparation, and intelligence,” Bruce added.
The report shows 66 percent of IT and security professionals believe their organizations are not prepared to recover from cyberattacks.
Seventy-five percent of respondents say they do not have a formal cybersecurity incident response plan that is consistently implemented across their organizations while 52 percent of respondents with CSIRP in place have not reviewed or updated the plan since it was applied.
The study also found 41 percent of respondents say cyber incident response time has increased in the past 12 months while 31 percent claim it has decreased.
Sixty-six percent of IT and security professionals regard “insufficient planning and preparedness” as the top barrier to cyber resilience while 46 and 52 percent respectively rank “complexity of IT processes” and “complexity of business processes” as significant barriers.
Respondents listed incident response platform; identity management and authentication; and intrusion detection and prevention systems as the most effective technologies for efforts to achieve cyber resilience.