A study has highlighted an ‘urgent need’ for unified cyber crisis management, as most organisations โ including within the healthcare sector โ are not keeping up with preparedness requirements
Semperisโ research, The State of Enterprise Cyber Crisis Readiness, highlights a ‘dangerous’ gap between perceived readiness and real-world response capabilities.
โCyberattacks donโt check your calendar โ they hit when youโre at your weakest,โ said Marty Momdjian, Semperis, EVP, Ready1. โIn moments of crisis, itโs not about rising to the occasion, but falling back on the strength of your preparation.โ
Based on a global survey of 1,000 organisations in the US, UK, Germany, France, Italy, Spain, Singapore, Australia and New Zealand, the report reveals a sobering reality:
- 96%ย of companies globally say they have a cyber crisis response plan.
- Yetย 71%ย experienced at least oneย high-impact cyber eventย that halted critical business functions last year.
- 36%ย sufferedย multipleย high-impact events.
- 90%ย activated their enterprise crisis response plan at least once in the past year โ some more than 25 times.
- Onlyย 10%ย report no blockers during incident response.
In the UK specifically, the report highlights that nearly half (49%) of businesses had to activate their crisis response teams up to four times in the past year due to cyber incidents. A further 37% activated their crisis response team five or more times.
Despite frequent testing, most organisations are not battle-ready due to disjointed processes, poor coordination and tool sprawl. Surprisingly, staffing shortages ranked last on the list of blockers.
Top 5 blockers to effective cyber response:
- Cross-team communication gaps (48%)
- Out-of-date response plans (45%)
- Unclear roles and responsibilities (41%)
- Too many disparate tools (40%)
- Staffing shortages (ranked last globally at 39%)
Staffing shortages were only listed as the biggest blocker in Italy and New Zealand. In the US, incident responders ranked outdated response plans and cross-team communications gaps as the biggest blockers. In France and Germany, tool sprawl was the biggest blocker. Cross-team communications gaps was also the top blocker in the UK, Australia, Singapore and Spain.
IT/telecom industries experienced the most high-impact cyber events, followed by energy, travel/transportation, education and healthcare.
Photo byย Glenn Carstens-Petersย onย Unsplash