Close to 79 per cent of Indian firms do not have a computer security incident response plan (CSIRP) in place that is applied consistently across operations, a new IBM-Ponemon Institute study has said. In the past two years, 51 per cent of Indian organisations surveyed experienced a data breach and 56 per cent experienced a cyber security incident, revealed the study conducted by US-based Ponemon Institute on behalf of IBM Security.
Of the organisations that do have a CSIRP in place, 57 per cent do not test plans regularly or at all. Only 23 per cent reported using automation significantly in their organisation, the findings showed.
- Advertisement -
“In India, Incident Response (IR) strategy is at a nascent stage and organisations are beginning to conceive this as an integral part of risk mitigation and resilience plan,” said Vaidyanathan Iyer, Security Software Leader, IBM India/South Asia.
- Advertisement -
“Considering the lack of a well-developed and tested IR in an organisation’s cyber resiliency strategy, enterprises need to evaluate and implement the right tools at the earliest,” Iyer added.
The IBM-Ponemon study found that globally, 77 per cent of respondents indicated they do not have a cybersecurity incident response plan applied consistently across the enterprise. Studies show that companies who respond quickly and efficiently to contain a cyberattack within 30 days save over $1 million on the total cost of a data breach on average.
“Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident. These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a programme,” expressed Ted Julian, Vice President of Product Management and Co-Founder, IBM Resilient.
If you have an interesting article / experience / case study to share, please get in touch with us at [email protected]
Advertisement
