The Ponemon Institute recently completed research, sponsored by IBM Resilient, entitled “The 2019 Cyber Resilient Organization,” which surveyed more than 3,600 security and IT professionals around the world to determine organizations’ ability to maintain their core purpose and integrity in the face of cyber-attacks.

According to IBM, the research found that “a vast majority of organizations surveyed are still unprepared to properly respond to cybersecurity incidents, with 77 percent of respondents indicating they do not have a cybersecurity incident response plan applied consistently across the enterprise.”

Following the results of IBM/Ponemon’s 2018 study on the cost of a data breach, which showed that companies that respond quickly and efficiently to contain a cyber-attack within 30 days save over $1 million on average, this study shows that organizations are still falling short when it comes to planning for an incident and testing the incident response plan.

Almost half of the respondents admitted that, since they do not have an incident response plan in place, they are not in full compliance with GDPR.

Significantly, 62 percent of those surveyed state that aligning the privacy and cybersecurity teams of the organization “is essential to achieving resilience” and that data privacy has become a top priority in organizations.

Finally, the survey found that more than half of those surveyed (54 percent) do not test their incident response plans regularly, “which can leave them less prepared to effectively manage the complex processes and coordination” following an attack.

Message: developing, implementing and testing an incident response plan saves money. According to this research, it is a sound investment.

View Original Source
Photo of Linn Foster Freedman Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full bio here.