New research from the BCI has revealed substantial differences among organizations when it comes to response times following a cyber-breach.
Whilst an impressive 31% of the 369 business continuity and resilience professionals polled said they react to cyber incidents within 60 minutes, a concerning 19% admitted it can take them four hours or more to take any action, with almost half taking more than two hours to respond.
According to the BCI, two-thirds of respondents were hit by at least one incident in the previous year and 15% said they experienced as many as 10 in the same time period. The frequency of these attacks highlights how important it is for organizations to have plans in place to mitigate against these kind of threats or to lessen their impact, a large part of which comes down to having a quick response strategy.
“Incident response plans are one of the most critical elements of an organization’s security strategy,” Matthew Aldridge, solutions architect at Webroot, told Infosecurity. “Unfortunately, we are in a time where a breach of some form is almost inevitable so being able to act quickly to mitigate it and minimize the impact could make all the difference to a business, and its customers.”
“The longer that the breach remains undetected the more significant the damage – in both the long and short-term," added Stephen Love, security practice lead EMEA at Insight.
“An effective allegory is that of a damaged water pipe; the longer it is left to leak the more damage occurs. Consider data your water – the longer a breach lies unnoticed, the more data you lose.”
Of course, there are attacks that are of such a nature that even when an organization wants to respond quickly, they may be rendered unable to do so.
Phishing and social engineering were found to be the top causes of cyber disruption with over 60% of companies being hit by these, whilst 45% suffered malware and 24% denial of service attacks. All of these use different ways to make a company’s own network either contaminated or inoperable, which can force them to have to switch off their internet connection until they can secure themselves from further risk.
David James-Brown FBCI, chairman of the BCI, added:
“This piece of research is one of the most timely, insightful and relevant the BCI has ever produced. Cyber-attacks tend to target the weakest links of an organization, and this calls for a greater awareness of ‘cybercrime’. As the cyber threat evolves, it is crucial to stay on top of it, building long-term initiatives and regularly updating recovery plans.”