Expert Comments

Experts On IBM’s Cyber Resilient Org Report

Expert(s): Security Experts
Expert(s): Security Experts Published: Last Updated on

IBM’s recent announcement of its 5th annual Cyber Resilient Organization Report, conducted by the Ponemon Institute.

Key findings from the report:

  • More orgs (26%) have adopted formal, enterprise-wide security response plans over the past 5 years, compared to 18% of respondents in 2015.
  • Amongst those with a formal security response plan, only 1/3 (17% of respondents) had also developed specific playbooks for common attack types.
  • The # of security tools used has a negative impact; orgs that use 50+ security tools ranked themselves 8% lower in their ability to detect, and 7% lower in their ability to respond to an attack, compared to those with less tools.
  • Over the past two years, only 39% of companies with a formal security response plan in place experienced a disruptive security incident, compared to 62% of those with less formal plans.

Experts Comments

Dot Your Expert Comments
Chloé Messdaghi
July 02, 2020
VP of Strategy
Point3 Security

Money can fix certain things but not human element issues.
Another factor must be taken into consideration: the human element. We see companies paying for solutions for the sake of their compliance checklists, and yet, down the road, their teams don’t know what some of these tools do or how to use them. Right now, more than ever, it’s important to support and empower security teams. This means discovering in a collaborative way skills shortages and knowledge gaps. That can mean that those in charge should be familiar with the tools they’re.....Read More
Another factor must be taken into consideration: the human element. We see companies paying for solutions for the sake of their compliance checklists, and yet, down the road, their teams don’t know what some of these tools do or how to use them. Right now, more than ever, it’s important to support and empower security teams. This means discovering in a collaborative way skills shortages and knowledge gaps. That can mean that those in charge should be familiar with the tools they’re asking their front-line staffs to use. It also means protecting the security team against burnout. During this pandemic time, it’s also important to realize that some of your employees may be more susceptible to burnout, for example, they might be women with children taking on more of the weight of home responsibilities in addition to their careers. People need to feel recognized for their workplace contributions and also know they’ve got the agency to sustain work/life balance. Money can fix certain things but not human element issues. Companies that provide recognition and work-life balance, and that provide ongoing cyber skills assessments and up-skills training through scientifically proven tools, are strengthening their cybersecurity overall, and providing a fairer and more effective workplace.  Read Less
Saryu Nayyar
July 01, 2020
CEO
Gurucul

Overloading security analysts with too much information is a known issue.
There are some interesting takeaways from the latest Cyber Resilient Organization Report, done by Ponemon for IBM. While readiness and responsiveness is improving, and organizations that have implemented a formal response plan are seeing less disruption, work is still needed in other areas. Many organizations still need to formalize their incident response plans and bring their cybersecurity posture up to date. Too few organizations have playbooks in place to react to an incident in a.....Read More
There are some interesting takeaways from the latest Cyber Resilient Organization Report, done by Ponemon for IBM. While readiness and responsiveness is improving, and organizations that have implemented a formal response plan are seeing less disruption, work is still needed in other areas. Many organizations still need to formalize their incident response plans and bring their cybersecurity posture up to date. Too few organizations have playbooks in place to react to an incident in a consistent manner. Perhaps worse, some organizations have found that simply adding additional security tools to the mix has actually reduced their effectiveness. Overloading security analysts with too much information is a known issue. This is why we recommend bringing all of the disparate data feeds into a single place with advanced security analytics, where that flood of information can be consolidated, normalized, analyzed, and presented to the responders in a risk-prioritized manner that lets them focus on the most relevant threats, and facilitates additional automation to reduce their load.  Read Less

Dot Your Expert Comments


Only for registered and approved experts. Please register before providing comments. Register here
* By using this form you agree with the storage and handling of your data by this web site.
Submit
0
FacebookTwitterLinkedinWhatsappEmail

You may also like

Experts Reaction On World Economic Forum 2021 Report Cites Cyber...

Major Security Flaws Found In Signal And other Video Chat...

Comment On IoT Risks Of Peloton Bike

70% of UK Finance Industry Hit With Cyber-Attacks In 2020

A Chinese Hacking Group Is Stealing Airline Passenger Details

Expert Commentary: Hacker Posts 1.9 Million Pixlr User Records For...

NSA And Dutch NCSC Warn Outdated TLS Certs

Federal Agency Warns Cloud Attacks Are On The Rise –...

Experts Reaction On New Chrome Update To Boost Password Security

Experts Insight On Latest Flaw Within DNSpooq