April 11, 2019 By Larry Ponemon 3 min read

Today, the Ponemon Institute released its fourth annual “The Cyber Resilient Organization” report. This global study was the first of its kind back in 2015 and has been proudly sponsored by IBM Security since the beginning.

Over time, the importance of cyber resilience within the organization has grown significantly. Security leaders are striving to benchmark the organization’s preparedness and level of security, and measuring cyber resilience is a good reflection of their ability to withstand cyberattacks.

This year’s study queried 3,655 IT and security professionals and covered 11 different global markets: the U.S., Canada, India, Germany, Japan, Brazil, the U.K., France, Australia, the Middle East and Southeast Asia.

Download the Ponemon Report

Benchmarking Cyber Resilience to Identify Best Practices

When we look back on last year’s study, the biggest barrier to cyber resilience was a lack of investment in important tools, such as artificial intelligence (AI) and machine learning. We saw a significant change here with 23 percent of respondents now using security automation, which includes both AI and machine learning, extensively.

As part of this research, we created a benchmark for measuring cyber resilience by isolating the most cyber resilient organizations and uncovering their approaches and habits; we refer to these organizations as high performers. In this year’s study, 960 respondents — 26 percent of the total sample — identified as high performers. Let’s look at some of the key things these organizations are doing differently to achieve this enhanced level of cyber resilience.

First, high performers have response plans. Fifty-five percent of high-performing organizations have a cybersecurity incident response plan (CSIRP) deployed across the organization, as opposed to only 23 percent of the rest of the pool. Meanwhile, 77 percent of businesses do not have a consistently deployed plan. While this figure hasn’t changed significantly in the four years since we started this research, there is a surprisingly large number of organizations that lack this fundamental building block to achieving cyber resilience.

This year, for the first time, we followed up with these respondents to understand what obstacles they faced. Some said they lacked the necessary staffing or strong leadership required to drive this process, while others pointed to difficulties with organizational structure that didn’t support a centralized approach.

It is no surprise, then, that nearly half (46 percent) of respondents said their organization has yet to reach full General Data Protection Regulation (GDPR) compliance nearly a year after the data privacy regulation took effect in May 2018. In future research, we plan to explore the reasons why companies lack a consistent incident response plan.

What Sets High-Performing Organizations Apart?

It’s clear that being a high performer has a positive impact on an organization’s security posture. High performers suffer fewer data breaches (41 percent versus 55 percent) and less disruption caused by cyberattacks. When we look further at the characteristics of high-performing organizations, it comes down to a blend of people, processes and technology.

In terms of people, the skills gap remains a critical barrier for most organizations, with respondents highlighting headcount gaps and the difficulty in hiring and retaining skilled staff as key hurdles. High-performing organizations are better able to address this and, more importantly, have leadership that values these skills and the importance of cyber resilience.

When it comes to processes, more than 55 percent of high-performing organizations have a consistently applied CSIRP, and they are more likely to participate in threat intelligence and data breach sharing partnerships (69 percent versus the average of 56 percent).

Finally, high performers identified IT complexity as a challenge. As a result, these organizations are more likely to have less security solutions deployed (39 versus 45) and to believe they have the right technology footprint to achieve cyber resilience.

Reduce the Cost of a Data Breach With Security Automation

There is a clear need for organizations to establish a strategy to address these challenges and think about how they handle security incidents in the context of the GDPR and other regulations.

The volume and severity of cyberattacks continue to rise, but research has shown that technology adoption around security automation can save organizations up to $1.55 million on the total cost of a data breach, whereas organizations that do not leverage security automation end up realizing a much higher total cost of a data breach.

Register for the Live Webinar on April 30 at 12 p.m. ET to learn more

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today