Only 17 percent of businesses globally are fully prepared for an online security incident, according to a new survey on the issue of incident response preparedness sponsored by Arbor Networks Inc. and the Economist Intelligence Unit.
The Economist Intelligence Unit surveyed 360 senior business leaders, the majority of whom (73 percent) are C-level management or board members from across the world, with 31 percent based in North America, 36 percent in Europe and 29 percent in Asia-Pacific.
The report (“Cyber Incident Response: Are Business Leaders Ready?”) shows that despite 77 percent of companies suffering an incident in the past two years, 38 percent still have no incident response plan in place.
While firms that do have a response plan in place typically rely on the IT department to lead this process, the majority also draw upon external resources—primarily IT forensic experts, specialist legal advisers and law enforcement experts.
“When it comes to cyber attacks, we live in a when not if world,” said Arbor Networks President Matthew Moynahan. “In the wake of recent high-profile, targeted attacks in the retail sector, a company’s ability to quickly identify and classify an incident and execute a response plan is critical to protecting not only corporate assets and customer data but the brand, reputation and bottom line of the company.”
Other key findings of the survey include:
- Half of all companies surveyed are unable to predict the business impact when a breach occurs.
- 41 percent of business leaders feel a better understanding of potential threats would help them be better prepared.
- Two-thirds of executives say that responding effectively to an incident can enhance their firm’s reputation.
- Firms that have suffered an incident in the past 24 months are twice as likely to have an arrangement with a third-party expert.
- 57 percent of organizations do not voluntarily report incidents where they are not legally required to do so.
- Only a third of companies share information about incidents with other organizations to spread best practice and benchmark their own response.
Arbor Networks Inc. is a leading provider of DdoS (distributed denial of service) and advanced threat protection solutions for enterprise and service provider networks.
The Economist Intelligence Unit, a provider of country and business intelligence, helps executives make better business decisions by providing timely, reliable and impartial analysis on worldwide market trends and business strategies.