Below is a roundup of the some of the most popular cybersecurity stories from the past month.

Despite Growing Threats, Many Organizations Still Unprepared

The vast majority of organizations still lack a formal cybersecurity incident response plan (CSIRP) that’s applied consistently across the organization, according to a new report from the Ponemon Institute. Paradoxically, the institute’s third annual study on cyber resilience found that organizations feel much more positive about their readiness than they did last year.

The survey is a study in contrasts. Despite their newfound confidence, 57 percent of respondents said that it’s taking longer to resolve incidents. Meanwhile, just 31 percent said they had sufficient budget for cyber resilience and 29 percent reported having the ideal staffing level. Given the IT skills shortage, look to artificial intelligence (AI) and machine learning to help alleviate the crisis.

Are You Ready for Anything?

IBM Security General Manager Marc van Zadelhoff couldn’t have been more prescient when he stated in a March 27 blog post that “cybercriminals are stealing your data. You’re scrambling to respond, hustling to contain, scurrying to an emergency board meeting. … You may be thinking that this isn’t going to happen to you, but many recent headlines say otherwise.” Indeed, in the days immediately following his pronouncement, a bevy of new breaches splashed across the headlines.

If preventing a breach is becoming ever more difficult, is there any hope for organizations to recover and even thrive in the aftermath of a cyber incident? This topic was covered in depth at the IBM Think event last month, where speakers offered security professionals guidance on how to prepare for the if and respond to the when. In the keynote “Ready for Anything: Build a Cyber Resilient Organization,” experts explained how to prepare through practice and runbooks, and covered what skills you need to quickly stop the damage in a crisis, recover and resume operations.

Celebrating Women in Security

Bridgette Pepper never expected to pursue a career in security, even though she was good with technology and loved solving problems. She studied political science in college, intending to become a lawyer, but took a risk, switched majors and has never looked back. Pepper, who is now a project manager for global solution design at IBM Security, is one of six women interviewed in an article celebrating International Women’s Day. The diverse group included interns and senior IBM executives talking about what attracted them to cybersecurity. The thrill of constant change, solving problems and making a difference were common themes in their remarks.

Speaking of making a difference, a panel of top IBM Security female executives also convened this month for a webinar titled “Why the Future for Women in Security Is Now.” A highly recommended watch for cybersecurity professionals of all levels and genders, this webinar offers powerful insights on the challenges facing the industry — but will nonetheless leave you feeling optimistic about what lies ahead.

Security Pros Get Their Own IBM Community

The bad guys are getting better at collaborating, so shouldn’t the good guys do the same? That’s the thinking behind the launch of the IBM Security Community, a place where security professionals can network with their peers, discuss cybersecurity news, learn about events and meetings, and improve their skills using IBM’s expanding portfolio of security products. The community will be run by its members, but IBM subject matter experts will be available to answer questions.

Guidance for the CISO

A good chief information security officer (CISO) is always open to taking advice or trying a new approach where an old one has proven unsuccessful. There were valuable insights in several recent articles that any CISO or security leader could benefit from.

In “Signs That Your Security Program Is Going Nowhere Fast,” Kevin Beaver explained how even organizations with the strongest security policies, most advanced tools and regular training are liable to overlook major security gaps. Instead of going through the motions, security leaders should set clear goals and measure the organization’s performance to identify areas in need of improvement. Otherwise, minor oversights can add up and become formidable challenges for the security team.

Meeting these goals requires buy-in from the entire enterprise, from the board of directors to rank-and-file employees. That’s why it’s crucial for the CISO to exert his or her influence within the organization to strengthen security culture, as Christophe Veltsos wrote in “Putting the ‘I’ in CISO: Why the Security Leader Must Become an Influencer.” Becoming an influencer doesn’t mean asserting absolute authority, however. Instead, the CISO must be proficient in the art of listening, forging strong alliances among line-of-business (LOB) managers and communicating the value of security in terms that executives can understand.

But before the CISO can communicate security concerns to lines of business, he or she must establish a proper framework to efficiently analyze threat intelligence and translate it into actionable insights. In “Security Intelligence at the Strategic, Operational and Tactical Levels,” Bob Gourley, a former naval intelligence officer, explained the differences between strategic, operational and tactical threat data and how they inform incident response planning, day-to-day decision-making and tactical operations during a breach.

Stay Tuned for More Cybersecurity News

Along with May flowers, April showers will inevitably bring new threats, trends and cybersecurity surprises. As we finally spring into a warmer season, stay tuned for more cybersecurity news next month.

More from CISO

Bringing threat intelligence and adversary insights to the forefront: X-Force Research Hub

3 min read - Today defenders are dealing with both a threat landscape that’s constantly changing and attacks that have stood the test of time. Innovation and best practices co-exist in the criminal world, and one mustn’t distract us from the other. IBM X-Force is continuously observing new attack vectors and novel malware in the wild, as adversaries seek to evade detection innovations. But we also know that tried and true tactics — from phishing and exploiting known vulnerabilities to using compromised credentials and…

What’s new in the 2023 Cost of a Data Breach report

3 min read - Data breach costs continue to grow, according to new research, reaching a record-high global average of $4.45 million, representing a 15% increase over three years. Costs in the healthcare industry continued to top the charts, as the most expensive industry for the 13th year in a row. Yet as breach costs continue to climb, the research points to new opportunities for containing breach costs. The research, conducted independently by Ponemon Institute and analyzed and published by IBM Security, constitutes the…

Cyber leaders: Stop being your own worst career enemy. Here’s how.

24 min read - Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. We’ve been beating the cyber talent shortage drum for a while now, and with good reason. The vacancy numbers are staggering, with some in the industry reporting as many as 3.5 million unfilled positions as of April 2023 and projecting the disparity between supply and demand will remain until 2025. Perhaps one of the best (and arguably only) ways we can realistically bridge this gap is to…

Poor communication during a data breach can cost you — Here’s how to avoid it

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…