Endpoint disruption following a serious security breach can take up to two weeks to recover from and cost millions for most (87%) US and UK organizations, a new report has revealed.
Absolute Security polled 750 CISOs on both sides of the Atlantic to compile the first in a new e-book series, The Resilient CISO: The State of Enterprise Resilience.
It revealed that, over the past 12 months, more than half (55%) of respondents had suffered a cyber-attack, ransomware infection, compromise or data breach that took mobile, remote or hybrid endpoint devices out of action.
A majority (57%) claimed their organization took 3-6 days for full endpoint remediation and recovery following an incident, with a fifth (19%) revealing these efforts lasted 7-14 days.
The report also revealed that the vast majority (98%) of responding organizations spent between $1 and $5m to recover from these incidents, with the average cost per incident standing at $2.5m.
Read more on cyber resilience: UK Government Finally Introduces Cyber Security and Resilience Bill
“There is simply no way to avoid the inevitable – at some point every organization will face the reality of an attack or IT incident that takes down the business. Organizations that aren’t prepared to bounce back quickly face an almost existential crisis, as prolonged downtime can literally crush a business,” said Christy Wyatt, president and CEO of Absolute Security.
“As security and risk leaders, we need to expand our focus beyond just traditional security to also include being the driving force behind ensuring business operations run consistently and without disruption.”
Resilience Wanes
However, enterprises appear to be moving in the wrong direction. This year, some 68% of respondents claimed that their organization has a cyber-resilience strategy in place, while a similar share (65%) agreed that their company prioritizes cyber-resilience over traditional prevention, detection and response.
This marks a major decline from the figures of a year ago, which were 90% and 83% respectively.
It is CISOs that are likely to be held responsible for perceived cyber-resilience failings. Some 72% of respondents agreed that their role now includes leading recovery efforts following a serious security breach which stops business operations.
Over half (59%) said they are concerned that a security or IT incident causing major downtime could lead to job losses, personal liability and legal penalties.
Last year’s ransomware attacks on Marks & Spencer and Jaguar Land Rover are prime examples of the potentially devastating impact that breaches can have on operations.
The latter had an estimated economic impact of £1.9bn ($2.6bn), while M&S estimated costs at around £300m ($400m).