Most Organizations Unprepared for Cyber-Attacks, Report Says

According to the annual Global Threat Intelligence Report (GTIR) by NTT.com, nearly 80 percent of organizations are unprepared and lack a formal plan to respond to cybersecurity incidents including data breaches and cyber-attacks. On top of that, only 23 percent of organizations surveyed are capable of responding effectively to critical security incidents. “Prevention and planning for cyber security incidents seems to be stagnating,” said Garry Sidaway, vice-president of strategy and alliances at NTT Com Security. “This is a real concern and could be due to a number of reasons, such as security fatigue caused by too many high-profile security breaches, information overload and conflicting advice in combination with the sheer pace of technology change, lack of investment and increased regulation.” What’s even more frightening, and further displaying the lack of resources and focus on cyber-threats, is that the report found that almost 21 percent of network vulnerabilities detected were more than three years old. As a result, the report makes four recommendations for starting an incident response plan: Prepare incident management processes and “run books,” evaluate your response effectiveness, update escalation rosters and prepare technical documentation.