#Infosec17: Known Data Breaches Go Unaddressed, Say 88% of UK CISOs

As many as 88% of chief information security officers (CISOs) in the UK say known data breaches haven’t been addressed.

That’s according to findings from ServiceNow, which surveyed 300 of the country’s CISOs. The findings highlighted that whilst strategies for detecting data security threats seem to be working, new approaches are needed when it comes to responding to them.

In The Global CISO Study: How Leading Organisations Respond to Security Threats and Keep Data Safe, almost all of the CISOs polled said that detected data breaches are going unaddressed, whilst 64% admitted that it is difficult to prioritize threats based on business criticality.

ServiceNow pointed to manual processes, resources and talent deficiencies and the inability to prioritize threats as key factors impairing security response effectiveness.

“UK CISOs are spending an increasing amount on preventing and detecting data breaches, but our research underscores that response is where they should focus,” said Chris Pope, office of the chief strategy officer, ServiceNow. “Automating and orchestrating security response is the missing link for CISOs to radically increase the effectiveness of their security programs.”

These were sentiments echoed by Steve Durbin, managing director, Information Security Forum, who told Infosecurity that a strong response plan is absolutely critical to deal with today’s cyber-threats.

“Having worked through a response which includes who to notify, how to deal with the public relations aspect and indeed who should be the spokesperson are all elements which still tend to be forgotten in response plans, which typically will focus on getting the business back up and running and ensuring that the threat has been dealt with and its impact mitigated,” he argued.

However, having the plan itself isn’t enough, Durbin added: you also need to rehearse the plan, test it out and ensure that all of the key players understand their role ahead of time, because come the day the threat becomes a breach, time will be at a premium.
