Businesses, in an effort to respond promptly and effectively to cyber security incidents, are investing in too many tools, which can negatively affect the effectiveness of their defense. A few days ago, IBM published the results of a global survey conducted by Ponemon Institute, including responses from about 4.000 people from around the world working in its field security and information technology. According to the survey, while businesses are investing and programming, efficiency does not reach the desired levels, as business efforts are hampered by the complexity caused by fragmented tools. The fifth annual IBM Cyber Resilient Organization report notes that while businesses are improving their design, detection and response to cyberattacks, their ability to contain an active threat has been reduced by 13%.
Businesses develop an average of 45 cybersecurity-related tools in cyberspace networks their. However, the use of a large number of tools can contribute to the inability of a company to not only detect an active attack, but also to defend itself against it.
Businesses with more than 50 tools ranked 8% lower in their ability to detect threats and 7% lower in their defenses. possibilities, compared to those who use fewer tools.
Undoubtedly, the field of cybersecurity has evolved and reached a new level, with 26% of respondents stating that their companies have now adopted official corporate security plans. In addition, among those who have adopted a response plan to incidents security, only a third have created a playbook for common types attack to be careful. According to the research, because each type of attack requires a different response technique, the existence of predefined playbooks provides companies with consistent and repetitive action plans for the most common attacks, which they are likely to face.
IBM said the lack of planning and testing to deal with such incidents could cost up to $ 1,2 million more than a cyberattack would cost a victim company.
In the light of his pandemic COVID-19 and the rapid changes that many have experienced in their workplaces, the plans and tools for responding to such attacks should be reconsidered. It is worth noting that only 7% of respondents evaluate these plans every quarter, while 40% have not set a time period for evaluation and review.
IBM said that as business activities change rapidly due to the fact that more and more employees are working remotely, but also because new attack techniques are constantly appearing, these data suggest that many businesses rely on outdated response plans that do not reflect the current threat and the existing business landscape.