BAE Systems says just seven percent of respondents to a recent survey cited protection against revenue loss as a key reason to establish a cybersecurity incident response plan.

That’s despite recent attacks that have caused devastation to IT infrastructure: shipping giant Maersk spent nearly £230 million following the NotPetya attack in 2017, when it had to rip out and replace 4,000 servers, 45,000 PCs and over 2,500 software applications.

The survey also found that over 20 percent of organisations have absolutely no permanent cyber security incident response or resources in place, despite over 60 percent of organisations suffering between one and 25 attacks a month.

How frequently do you rely on third-party support to investigate or respond to security incidents? Image Source: BAE

BAE Systems Survey: Are Boards Taking Risks Seriously Enough?

Farnborough-based security and defense giant BAE Systems also found that 26 percent of the company executives it surveyed reported having to deal with 25 to 99 incidents every month.

The financial repercussions of a cyber incident are of course tied to the type of incident and the organisation affected, but these costs can come from a myriad of sources such as compliance costs, reputational repair and, as Maersk and others saw, infrastructure replacement.

Employee Cyber Security Incident Response Training

BAE Systems found that most security incidents are phishing-based: just over 70 percent of reported attacks are related to credential phishing.

“The high rate of phishing, viruses, and malware attacks suggests that organisations aren’t helping employees become more aware of the threats, which could be alleviated by a stronger training regimen and periodic testing of employees’ ability to identify suspicious emails, bogus websites and links.”

The paper points out that even the best tools and automated cybersecurity software are ‘rendered meaningless’ if the cyber security awareness levels of employees are so low that they inadvertently cause the company to suffer continued attacks through poor practice.

Nearly half of the executives surveyed by BAE said that they rely on third-party vendors to help them build cyber security countermeasures or investigate their internal systems.

BAE notes that working with companies that have outside expertise “can create policy and procedural guidelines to help meet regulatory requirements. In addition, playbooks can be developed to address specific types of incidents such as phishing and breach of privacy. These playbooks aid the incident response team in resolving incidents quickly and in a controlled, well-documented and well-informed manner.”
