Study: Organisations suffer critical & costly IT incidents 5 times a month

Organisations experience a critical IT incident five times per month, with each costing £108,000, according to a new report based on a study conducted by research firm Quocirca on behalf of big-data company Splunk.
Study: Organisations suffer critical & costly IT incidents 5 times a month
Study: Organisations suffer critical & costly IT incidents 5 times a month

On average, organizations experience a critical IT incident five times per month, with each one costing a mean of US$ 141,628 (£108,000), according to a new report based on a study conducted by research firm Quocirca on behalf of big-data company Splunk.

Of this total amount, IT department costs account for US$ 36,326, (£28.000) while the remaining US$ 105,302 (£80.000) is comprised of downstream costs to the business.

For the purpose of this study, Quocirca surveyed 1,000 senior IT managers in nine countries. Among these respondents, 70 percent said that a past critical incident -- such as a data breach, ransomware infection of distributed denial of service attack -- damaged their organisation's reputation. And yet, 96 percent of survey-takers admitted that their organisations are failing to learn from previous incidents, and 80 percent said that their mean time to detect incidents can still be improved.

Based on survey responses, the mean time to repair such critical incidents is 5.81 hours, the report notes.

Of course, not every incident is critical in nature. On average, organisations are experiencing 1,200 IT incidents of varying severity per month.

Another new report, based on a study conducted by Ponemon Research on behalf of Radware, similarly reveals how IT departments can become overwhelmed responding to incidents. Of 600 surveyed CISOs, 45 percent of them revealed that they experienced a data breach in the last year, and 68 percent said they lack confidence that they can keep their corporate information safe. Moreover, only 27 of respondents who specifically work in the healthcare industry said they felt confident they could protect patients' medical records.

The study's primary focus in on web application security, including how it can be impacted by bot-driven web traffic. One on three CISOs surveyed for the study acknowledged that their organisations are unable to differentiate between good bots and bad bots, even though in some cases bots represent more than 75 percent of a company's total web traffic.

Topics: