77% of orgs lack a cybersecurity incident response plan
A new study by IBM Security and the Ponemon Institute exposes major shortcomings in cyber resilience among organizations. The report found that more than 3 out of 4 (77%) companies lack a properly and consistently implemented cybersecurity incident response strategy. A majority of firms (54%) do not regularly test their incident response plans, as a result of which they can’t be sure to what extent their strategy will enable them to effectively respond to actual cybersecurity incidents.
Another striking finding is that almost a year after the EU’s General Data Protection Regulation went into effect, 46% of companies have not yet achieved full compliance with the stringent privacy law. The lack of cyber resilience highlighted by the annual study is similar to findings from previous reports.