66% of organizations won’t recover after cyberattack, study says

19/11/2016 19:16

A recent study performed by IBM’s Resilient and the Ponemon Institute found that 66% of organizations would be unable to recover from a cyberattack. The results of the 2016 Cyber Resilient Organization study were released Wednesday, and show a decline in organizational resilience against cyberattacks.

Of the respondents, 32% of IT and security professionals ranked their resilience as high. That same number was 35% in 2015, marking a drop over the past 12 months. A  press release announcing the study defined resilience as “an organization’s ability to maintain its core purpose and integrity in the face of cyberattacks.”

One of the biggest hindrances to effective security listed by respondents was the lack of a proper cyber security incident response plan (CSIRP). However, it should be noted that Resilient provides incident reporting services.

“While companies are seeing the value of deploying an incident response plan, there is still a lag in having the appropriate people, processes, and technologies in place,” Larry Ponemon said in the press release. “We are encouraged that this is becoming a more important part of an overall IT security strategy.”

The next highest barrier to proper resilience, as listed by 66% of respondents, was “insufficient planning and preparedness.” The report also noted that 46% listed “complexity of IT processes” as something that kept their organization from achieving resilience. That number is up from 36% last year.

The study also looked at what type of security incidents the respondents were experiencing. Some 53% reported that they had dealt with at least one data breach in the past two years. Over that same period, 74% said their organization had experienced threats as a result of “human error,” the release said.

Malware (74%) and phishing (64%) topped the list of frequently-experienced attacks. And, while most respondents were not confident in their organization’s ability to recover from an attack, 68% believed their organization could at least remain resilient.

In all, 2016 has seen some of the worst cyberattacks in recent history. With the  DYN DDoS attack taking out many major web properties and other high-profile attacks, it’s no wonder companies are losing confidence in their security.

Read more: https://cybernewsgroup.co.uk/66-of-organizations-wont-recover-after-cyberattack-study-says/