HP has unveiled the results from a new study on the importance of senior executive involvement in a breach response plan and has released free online tools to help executives assess their organization’s current level of preparedness.
According to the HP-sponsored[1] 2014 Executive Breach Preparedness Research Report, more than 70 percent of executives think that their organization only partially understands the information risks they’re exposed to as a result of a breach. To add to that, less than half of C-suite and board-level executives are kept informed about the breach response process, and only 45 percent believe they are accountable for the incident response process.
“Without a well-thought-out plan in place, and without the proper guidance, training, and processes instituted throughout the organization, executives may stumble when dealing with the public outcry once sensitive data has been compromised,” said Arthur Wong, senior vice president and general manager, Enterprise Security Services, HP. “No amount of cyber defense measures can completely protect organizations from highly sophisticated cyberattacks, but how prepared an organization is in the event of a breach can mean the difference between a speed bump in the road or a catastrophic business event.”
Featured Download: Social media access at work. Do your employees know the rules?
To help executives prepare for a breach, HP has developed free online resources to determine the amount of risk an organization faces and its readiness to respond to a breach, including:
· A study exploring how 300 global organizations plan and use best practices to prepare for cyber security incidents.
· HP breach response assessment – contains a series of questions that compares an organization’s answers to those of its industry peers. Using the tool, an individual can assess the organization’s ability to respond to a data breach and identify areas of strength and weakness when it comes to preparing for a breach.
· HP executive breach response playbook—consists of scenarios, best practices, and benefits in planning that will help an organization understand the response plan and how to be prepared in the event of a data breach.
· Webinars to help executives draft and implement breach preparedness plans.
Additional key findings from the 2014 Executive Breach Preparedness Research Report include:
· 79 percent of respondents say executive level involvement is necessary to achieving a successful data breach response, while 70 percent believe board level oversight is also crucial.
· Only 45 percent of executives believe that their own enterprise’s incident response process is either proactive or mature.
· 57 percent of respondents say the lost or theft of more than 10,000 records containing confidential or sensitive information constitutes a significant data breach. In terms of cost, a data breach that averages approximately $2 million is considered significant.
Learn more about research findings
Findings from the Executive Breach Preparedness study and the free online resources are available at www.hp.com/go/breachresponse. Information about HP Enterprise Security Services at www.hp.com/enterprise/security.
[1] The Executive Breach Preparedness Survey research was conducted by the Ponemon Institute. See full report here.
About HP
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.