Export Compliance Daily is a Warren News publication.

RSA Breach Readiness Survey Finds Majority Not Prepared

Most companies aren't prepared for a data breach, since 57 percent of non-Security for Business Innovation Council (SBIC) respondents that have formal incident response plans have never updated or reviewed their plans, said a news release from RSA Tuesday on a global breach readiness survey. The RSA survey covered 30 countries and compared its results with a survey of SBIC members, the release said. Using the SBIC results as a benchmark, the RSA survey results “suggest that the majority of organizations are not following incident response best practices and are not well prepared to face the challenges of today’s advanced cyber threats,” the release said. The survey focused on four major areas of breach readiness and response -- Incident Response, Content Intelligence, Analytic Intelligence and Threat Intelligence -- and found “organizations continue to struggle with the adoption of technologies and best practices that will allow them to more effectively detect, respond to, and disrupt the cyberattacks that turn into damaging breaches,” the release said. The survey found 55 percent of respondents lack the ability to identify and monitor critical assets, and only 50 percent have a plan in place for identifying “false positives.” Though most organizations recognized basic log collection through security information and event management systems “only provides partial visibility into their environment,” only 42 percent of respondents had sophisticated forensic networks, the release said. While external threat intelligence and information sharing was seen as a way for organizations to stay up to date, only 43 percent of respondents leveraged external threat intelligence to supplement their efforts, it said. “Organizations are struggling to gain visibility into operational risk across the business,” RSA Chief Trust Officer Dave Martin said. “As business has become increasingly digital, information security has become a key area of operational risk and while many organizations may feel they have a good handle on their security, it is still rarely tied in to a larger operational risk strategy, which limits their visibility into their actual risk profile,” he said.
“People and process are more critical than the technology as it pertains to incident response,” Thales Australia and New Zealand Chief Information Security Officer Ben Doyle said. A “security operations team must have clearly defined roles and responsibilities to avoid confusion at the crucial hour,” Doyle said. But he said it's “just as important to have visibility and consistent workflows during any major security crisis to assure accountability and consistency and help organizations improve response procedures over time.”