The Ponemon Institute just released its annual “The Cyber Resilient Organization” report, sponsored by IBM Security. In its fifth year, this study takes an in-depth look at organizations’ ability to prevent, detect, contain and respond to cyberattacks. The report examines changes in cyber resilience and identifies approaches and best practices organizations took to improve their overall cyber resilience.
A cyber resilient enterprise can be defined as one that more effectively prevents, detects, contains and responds to a myriad of serious threats against data, applications and IT infrastructure.
This study is based on surveys with more than 3,400 information technology (IT) and security professionals in 11 global markets: the U.S., Canada, Brazil, the U.K., France, Germany, India, Japan, Australia, the Middle East and Southeast Asia.
Cyber Resilience is Improving but Challenges Remain
Organizations have greatly improved their cyber resilience since 2015: the percentage of organizations that achieved a high level of cyber resilience increased from 35% in 2015 to 53% in 2020, growing 51%. Despite an increase in the volume and severity of attacks during the past 12 months (67% and 64%, respectively), organizations are feeling more confident.
During the same period, cybersecurity incident response plans (CSIRPs) have increasingly been adopted, growing 44% since 2015. This is a key indicator of an organization’s ability to respond to and contain a cyberattack. Despite this progress, 51% of respondents say their CSIRPs were not applied consistently across the enterprise or, worse, their plan was informal or ad hoc. In addition, nearly one-quarter of organizations did not have a CSIRP at all.
Even among those with a formal CSIRP, only one-thir ..