Does your organisation have a solid CSIRP that is regularly tested?
Does your organisation have a solid CSIRP that is regularly tested?

IBM Resilient has released the findings of its 2017 study, conducted by the Ponemon Institute, on the cyber-resilient organisation and what good cyber-resiliency looks like. It found that only 25 percent of respondents say their organisation has a high level of cyber-resilience.

In other words, very few are believed to be prepared for the inevitable cyber-attack. And the cause seems to be with cyber-preparedness – believed to be low too – 71 percent of respondents said that their organisation is not prepared for the recovery and remediation process after a cyber-attack.

IBM Resilient defines cyber-resilience as the alignment of prevention, detection and response capabilities to manage, mitigate and move on from cyber-attacks. Specifically, it refers to an organisations capacity to maintain its core purpose and integrity when faced with a cyber-attack.

The report offers no surprises with claims such as, “cyber-resilience supports a stronger security posture,” and that “high level of cyber-resilience reduces the occurrence of data breaches.”

It goes on to note that organisations with a great Cyber-Security Incident Response Plan (CSIRP) that is implemented company-wide and supported by management are way more likely to successfully execute the plan.

One of the biggest surprises in the report is the claim that 68 percent of respondents share info, with the UK tracking about other countries surveyed, and those in the top 10 percent in terms of cyber-resiliency and more likely to share info as well.

This despite the common thought that sharing info could open an organisation up to even further security risk.

Not everyone finds implementing a CSIRP that easy however, 74 percent of respondents told IBM Resilient that they do not have a CSIRP which is consistently applied throughout their organisation.

Of those with a CSIRP in place, 49 percent have either not reviewed it in a while, and have no real plans to do so in the near future.

And the effects of the lack of a CSIRP appears to be showing – 39 percent of respondents said the time to resolve a cyber-incident has increased in the past 12 months, compared to only 27 percent who say it has decreased.

The usual suspects are blamed for these issues: things like human errors, response time, insufficient planning, malware and phishing attacks on the rise, and the lack of resources to fight every notification, has meant that organisations are less likely to be able to respond in time.

Paul Ayers, EMEA general manager of IBM Resilient told SC Media UK: “My biggest recommendation for companies looking to improve their cyber-resilience is to invest in their ‘Planning, Preparation and Preparedness'.”

Ayers added: “Ensure your management are on board and that you regularly test your CSIRP in order to ensure that should the worst happen, everyone from the top down knows exactly what they should be doing.”