“How many millions did you pay threat actors in a ransomware attack?”

“Which investments most significantly improved cyber resiliency for your organization?”

“Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?”

The answers to these and other key questions produced several notable findings in the latest 2021 Cyber Resilient Organization Study. This study is based on an annual global survey of more than 3,600 IT and security professionals in over 15 industries, and was published by IBM Security with independent research by the Ponemon Institute. The results indicate that while incremental cybersecurity investments are only stalling ever-evolving attackers, your organization can incrementally add some best practices to strengthen its cyber resiliency.

A Chronic Need for Better Cyber Resiliency: Ransomware

This year, respondents expressed the following doubts about their organizations’ ability to address ransomware:

  • Only 51% reported that their organizations had a specific response plan for ransomware
  • 46% reported that their organizations had one or more ransomware attacks in the last two years
  • 61% of those respondents who reported they had a ransomware attack in the last two years claimed they paid the ransom

Additionally, 83% of organizations that experienced a ransomware attack in the last two years had threat actors demand a ransom of over USD 1 million. Along with potential millions lost to ransoms, businesses can incur other significant post-breach costs, including but not limited to regulatory fines and customer churn.

Clearly, leaders of enterprises need to establish a mature level of cyber resiliency to better handle ransomware and other potential data breaches. A higher level of maturity means all planned and defined cyber resiliency security activities can be deployed and maintained or refined — or both — across the organization. Unfortunately, only 26% of respondents reported their organizations have cybersecurity incident response plans that are applied consistently across the entire enterprise, a figure that has remained low over the years during the annual surveys.


One Solution: A Zero Trust Approach

In their search for an effective strategy for cyber resiliency, respondents cited the use of a zero trust approach. This strategy assumes the breach has occurred and, rather than gathering more defenders at the walls, prioritizes enforcing access and detecting adversaries in your network. The approach also gives leaders better context when making security investments.

Among all respondents, 35% reported their organizations have adopted a zero trust approach. Of that group, 65% agreed a zero trust strategy strengthens cyber resiliency. And 66% of respondents who said their organization’s use of a zero trust approach is significant or moderate cited their top reason as improving operational efficiency.

Another Defense Strategy: Extended Detection and Response, or XDR

Among those surveyed, 31% of respondents reported their organizations have adopted XDR. Additionally, 76% agree that adopting XDR has strengthened their organization’s cyber resiliency.

An XDR solution can unite multiple siloed security tools and reduce the complexity that impedes fast detection and response. Also, XDR solutions offer analytics and automated workflows to give security teams time back to tackle the most difficult problems: investigating and hunting for threats.

Respondents recommended other best practices for enterprises to adopt to mitigate the severity of attacks and improve cyber resiliency. Read the report to discover those solutions, and why and how the advantages of their implementation can bolster your organization’s security posture.
