Crisis Plans Minimize Cyberattack Disruption

Hilary Tuttle


August 3, 2020

According to the Cyber Resilient Organization Report, conducted by the Ponemon Institute and sponsored by IBM Security, organizations’ ability to respond to and contain cyberattacks has decreased over the past five years, hindered by too many security tools and too little crisis response planning. Indeed, those that have invested in more than 50 security tools ranked themselves 8% lower in their ability to detect an attack and 7% lower in their ability to respond. Those who took an enterprise risk approach and created formal security response plans across the business were much less likely to experience significant disruption as a result of cyberattacks. Over the past two years, only 39% of those respondents suffered a disruptive security incident, compared to 62% of those with less formal plans. Companies that had incident response teams and extensively tested their response plans also spent $1.2 million less on data breaches. Yet 75% admit their plans are ad-hoc, applied inconsistently, or do not exist at all. There is also room for most to improve: Of those that do have formal plans, only a third (17% overall) have specific playbooks for common attack types and less than half review their plans regularly or update them to reflect emerging risks.

Hilary Tuttle is managing editor of Risk Management.