IBM: 77% of Enterprises Don’t Have a Cybersecurity Incident Response Plan

The majority of companies — 77% of respondents — don’t have a cybersecurity incident response plan applied across the enterprise, according to a study conducted by the Ponemon Institute and paid for by IBM. One of the primary reasons for this is the well-documented security skills shortage. ��It’s a major, major problem for security generally but it’s particularly acute in incident response because it’s a newer discipline,” said Ted Julian, vice president of product management and co-founder of IBM Resilient. IBM bought Resilient, an incident response company, in 2016. The 2019 Cyber Resilient Organization is the vendor’s fourth annual benchmark study on cyber resilience — how an enterprise aligns its prevention, detection, and response capabilities to manage and mitigate threats against its data and IT infrastructure. For the report, Ponemon surveyed more than 3,600 security and IT professionals globally.