Organisations are not ready for GDPR and responding to a cybersecurity incidents is still a major challenge for businesses according to a IBM Study.
IBM Security has launched the results of a global study exploring the factors and challenges of being a ‘Cyber Resilient organisation’. The study was conducted by Ponemon Institute and sponsored by IBM Resilient.
It found that 77% of respondents admit they do not have a formal cyber security incident response plan (CSIRP) applied consistently across their organisation. While nearly 50% of the 2800 respondents reported that their incident response plan is either informal/ad hoc or completely non-existent.
However, 72% of organisations feel they are more Cyber Resilient today than they were last year. The survey suggests there is a reliance on technology, with 60% of respondents saying a lack of investment in AI and machine learning as the biggest barrier to Cyber Resilience.
According to the research, just 31% said they have adequate Cyber Resilience budget in place and difficulty retaining and hiring IT Security professionals (77%).
“Organizations may be feeling more Cyber Resilient today, and the biggest reason why was hiring skilled personnel,” said Ted Julian, VP of Product Management and Co-Founder, IBM Resilient. “Having the right staff in place is critical but arming them with the most modern tools to augment their work is equally as important. A response plan that orchestrates human intelligence with machine intelligence is the only way security teams are going to get ahead of the threat and improve overall Cyber Resilience.”
The second-biggest barrier to Cyber Resilience was having insufficient skilled personnel dedicated to cyber security, with 29% of respondents having ideal staffing to achieve Cyber Resilience.
IBM’s report also suggest that organisations are not ready for GDPR. The General Data Protection Regulation (GDPR), which takes effect in May 2018, will mandate that organizations have an incident response plan in place. According to the report, 77% of respondents do not have an incident response plan that is applied consistently across the entire enterprise.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst
