Despite the increased attempts by organisations to improve cybersecurity response planning, containing cyberattacks is still a major issue for them, according to an IBM study.

Cyberattacks have been on the rise in the last two years with 56 per cent of Indian organisations confirming that they had experienced a data breach that had lead to the loss or theft of more than 1,000 records containing sensitive or confidential customer or business information. The responses were part of a global survey conducted by Ponemon Institute and sponsored by IBM Security.

According to IBM’s 2020 Cyber Resilient Organization Report, 46 per cent of organisations, in the past two years, have experienced a cybersecurity incident that had disrupted the organisation’s IT and business processes significantly.

Organisations are making attempts to improve their cybersecurity resilience despite the gaps. 45 per cent of organisations in India had said that their cyber resilience had improved. The improvement was based on better measures in terms of decreased time taken to identify a security incident and to contain it. Meanwhile, 46 per cent of organisations were able to prevent cyber attacks.

65 per cent of respondents had cited hiring of skilled personnel as the primary reason for this improvement followed by improved information on governance practices.

What sets these organisations back in terms of resilience is a lack of proper planning and an outdate playbook lacking measures for specific attacks in most cases.

 

Reasons for cyberattacks

The top three reasons why 23 per cent of organizations had said that their cyber resiliency has not improved were lack of adequate budget (42 per cent), loss of skilled staff (40 per cent) and poorly configured cloud services (31 per cent).

An outdated playbook for countering specific attacks is another major reason why containing cyberattacks has become a problem. Globally, even amongst organisations with a formal cybersecurity incident response plan (CSIRP), only 33 per cent organisations had playbooks in place for specific types of attacks.

Furthermore, even the organizations that do have formal plans in place do not review it that frequently.

Globally, “the vast majority of organisations surveyed (74%) are still reporting that their plans are either ad-hoc, applied inconsistently, or that they have no plans at all,” the report said.

In India, out of the organisations that have experienced a data breach or cybersecurity incident in the last two years, 41 per cent responded that they review and test their plan once each year, while 30 per cent organisations had no set time period to review or update their plan. 16 per cent of respondents said they have not reviewed or updated since the plan was put in place.

"While more organizations are taking incident response planning seriously, preparing for cyberattacks isn’t a one and done activity," said Wendi Whitmore, Vice President of IBM X-Force Threat Intelligence. "Organisations must also focus on testing, practising and reassessing their response plans regularly. Leveraging interoperable technologies and automation can also help overcome complexity challenges and speed the time it takes to contain an incident.”

"While Indian organisations have shown improvement in terms of their cyber resiliency by hiring skilled professionals and overall planning, a lot more to be done to manage the dynamic cybersecurity landscape. Organisations need to look at testing their cybersecurity incident response plan regularly and leverage technologies like Automation, AI, and interoperable solutions to help sail through any unforeseen situation," Vikas Arora, VP, IBM Cloud & Cognitive Software & Services, IBM India and South Asia, said.

More focus on technology, fewer tools

Organisations must also remain careful in terms of using security tools and avoid complexity as much as possible.

“Organizations using 50+ security tools ranked themselves 8% lower in their ability to detect, and 7% lower in their ability to respond to an attack, than those respondents with less tools,” the report said.

Apart from this, factors such as automation, data protection regulations and a strong privacy posture also contribute to strengthening the cyber security system.

According to the report, “79% attribute automation, machine learning, artificial intelligence and orchestration as key reasons that strengthen cyber resilience. 70% believe complying with data protection regulations such as the EU’s GDPR and California’s new privacy law is important to achieving cyber resilience. 61% attribute a strong privacy posture is important to achieving cyber resilience.”

The report is based on insight from over 3,400 security and IT professionals from around the world, including the United States, India, Germany, United Kingdom, Brazil, Japan, Australia, France, Canada, ASEAN, and the Middle East. In India, IT professionals from various sectors including Financial Services, Health & Pharmaceutical, Public Sector, Retail, Services, and Industrial were surveyed for the report.

comment COMMENT NOW