June 23, 2016 By Maria Battaglia

For most organizations around the world, the concept of global cyber resilience has taken hold — and it’s the standard many are striving to achieve. However, there’s still a great deal of work to be done globally. The state of resilience (and the challenges involved with improving it) varies from region to region.

The Ponemon Institute and IBM Resilient released a series of global studies that explore and benchmark the state of cyber resilience in the U.S., U.K. and Germany. These reports outline the threats and barriers to resilience in each respective country and offer insight on how security teams can build more resilient organizations.

A Conversation About Global Cyber Resilience

To get a more global view of the state of resilience, we spoke with Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. We asked him for his thoughts on how the three countries stack up against one another — and the top lessons to be gleaned from the studies.

IBM RESILIENT: When you look at the global research holistically, what do you find to be most interesting?

PONEMON: One thing we find is that there’s general consensus in all countries on the importance of resilience — not just cyber, but in all aspects. Organizations truly understand they need the ability to maintain their integrity and sustain their business in the face of an array of challenges. It’s a growing concern.

Another lesson we learned is that — despite cultural differences — there’s a lot of symmetry around the globe when it comes to barriers to IT and security. In order for companies everywhere to be resilient, they need to overcome corporate silos and create a cross-functional team that brings different skills to the table.

But a lot of teams don’t press their comrades in other departments and don’t speak each other’s languages. As a result, it creates real barriers for those companies.

IBM RESILIENT: What are the biggest regional differences you found — and why do these differences exist?

PONEMON: We found that Germany, in particular, is sometimes an outlier. It stems from the fact that there are more regulatory requirements in Germany, and the German culture generally includes a high level of security and vigilance — and that includes the cyber realm.

Plus, Germans are more likely to have a comprehensive incident response [IR] plan. It’s not 100 percent true for the country, but German organizations are generally better prepared than the U.S. and U.K. Germany can demonstrate the workflow for a data breach and outperform other countries. The U.S. and U.K. are consistently very similar, but Germans have a more resilient security posture.

IBM RESILIENT: What were you most surprised to find in the global studies?

PONEMON: We saw good news and bad news. The good news is that most organizations globally see the importance of resilience. They’re not just preparing for specific incidents like malware and ransomware but building the mettle to overcome an array of events, through people, process and technology.

That’s the good news: they recognize this.

Bad news is that a lot of global companies also recognize that they’re not resilient today — and it could be catastrophic. And there are a number of challenges: They don’t have the resources allocated — or the right people and skillsets in security that they need.

For others, it just may not be a high priority for organizations’ leadership. They think it’s a technical thing — or a matter for IT. It’s really bad when that happens.

IBM RESILIENT: What immediate steps should U.S. and European Union-based organizations take to improve their cyber resilience?

PONEMON: One of the most critical things we found is that organizations that have an IR plan in place, prepare and test their plans tend to do better than the ones that don’t do the basic blocking and tackling.

Some of these organizations have plans, but it’s wallpaper — they don’t value it. It’s just a checkbox, and it doesn’t accomplish anything.

Security teams need to look at security events like DDoS [distributed denial-of-service] malware, data breaches or PII [personally identifiable information] losses — because each event requires different approaches. They need to find out if you have a plan and if they’re ready for it — and most aren’t. That’s the first step to getting more effective at IR.

Beyond the plan, you need to have a team of people ready to roll. If you don’t have people, outsource it. Companies that do so have a much stronger security profile and cyber resilience. We see that consistently.
