View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Third of global firms have no response to cyberattack

Research from RSA Security shows alarming complacency.

By Jimmy Nicholls

A third of global organisations have not planned a formal response to a cyberattack, according to a survey by RSA Security.

The research, which covered incident response and various forms of intelligence, unearthed a culture in which firms struggle to adopt the latest technologies and best practices in order to combat cybercrime.

Dave Martin, chief security officer at EMC, which owns RSA, said: "Organisations are struggling to gain visibility into operational risk across the business.

"As business has become increasingly digital, information security has become a key area of operational risk and while many organisations may feel they have a good handle on their security, it is still rarely tied in to a larger operational risk strategy, which limits their visibility into their actual risk profile."

Despite the lack of a response plan almost three-quarters of respondents had access to forensics for malware and endpoints, whilst 42% had network forensics which are said to be more sophisticated.

The survey did however highlight a lack of mitigation over common vulnerabilities, with only 40% making use of a vulnerability management scheme to stop hackers exploiting such flaws.

Ben Doyle, CISO of the security vendor Thales Australia and New Zealand, said: "People and process are more critical than the technology as it pertains to incident response.

Content from our partners
Unlocking growth through hybrid cloud: 5 key takeaways
How businesses can safeguard themselves on the cyber frontline
How hackers’ tactics are evolving in an increasingly complex landscape

"First, a security operations team must have clearly defined roles and responsibilities to avoid confusion at the crucial hour.

"But it is just as important to have visibility and consistent workflows during any major security crisis to assure accountability and consistency and help organizations improve response procedures over time."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.