Despite enhanced security plans, enterprises’ ability to respond to cyberattacks declines: IBM

While enterprises have beefed up plans to detect and respond to cyberattacks over the past five years, their ability to contain an attack has declined by 13% during the same period, says a study by Armonk, New York-based technology giant IBM.

Security response efforts at enterprises have become counterproductive due to the use of too many security tools. A lack of specific playbooks for common attack types employed by hackers around the world has also weakened cybersecurity. 

According to IBM, while security response planning has improved over the years, a majority of organisations (74%) still report that their “plans are either ad-hoc, applied inconsistently, or that they have no plans at all.”

Companies have adopted formal, enterprise-wide security response plans over the past five years, growing from 18% of respondents in 2015 to 26% this year, according to a statement.

In India, 45% of those surveyed said that their cyber resilience improved and  56% of respondents believed that their time to identify incident has improved. Some 46% of respondents said they were able to prevent cyber attacks.

Skilled professionals, improved information governance practices and visibility into applications and data assets are top reasons for cyber resilience, IBM said.

The global survey,  conducted by Ponemon Institute and sponsored by IBM, interviewed more than 3,400 executives such as CIOs, head of cybersecurity and head of enterprise risk management among others. Respondents came from small and medium businesses to large enterprises in sectors such as financial services, health and pharmaceutical, public sector, retail, services, and manufacturing.

"There needs to be a lot more done to manage the dynamic cybersecurity landscape despite the improvement in cyber resilience. Organisations need to look at testing their cybersecurity incident response plan regularly and leverage technologies like automation, cloud, artificial intelligence, and interoperable solutions to help sail through any unforeseen situation," Vikas Arora, VP, IBM Cloud & Cognitive Software & Services, IBM India and South Asia, said in the statement. 

The number of security tools that an organisation uses has a negative impact on its cyber resilience, with those using more than 50 security tools ranking themselves 8% lower in their ability to detect, and 7% lower in their ability to respond to an attack, compared to respondents with fewer tools, the study found. 

Also, companies with formal security response plans saw less disruption with only 39% of these firms experiencing a disruptive security incident, compared to 62% of those with less formal or consistent plans.

In a separate study by IBM, the most common path for cybercriminals to compromise cloud environments was found to be cloud-based applications, representing 45% of incidents. 

The technology giant recently released Watson Works, a set of products that will help companies to make informed decisions about workplace re-entry, facilities management, space allocation and other Covid-19 related requirements.