The results of Ward Solutions’ 2016 information security survey, conducted in association with TechBeat have been published, and have garnered significant media attention. The results revealed that almost half of organisations wouldn’t report a data breach to affected third parties, and that nearly a fifth of businesses don’t know where their data is being stored.
As well as this, over a quarter (26.3%) of respondents admitted that their company has not planned for potential data compromises. An additional 12% are unaware of whether or not their company has a crisis management plan.
The rise in incidents of cybercrime over the past number of years has necessitated forward planning to deal with potential data breaches. Almost half of those surveyed confirmed that they had noticed an increase in the number of security incidents in their organisation over the course of the past 12 months. What’s more, 63.2% said that they expected to spend more on cybersecurity in the next year as a result. In order for businesses to survive and thrive they must accept the gravity of the cybersecurity threat and adapt their business strategies to tackle it head on.
On a positive note, it seems that the majority of organisations are aware of this necessity, with 61.7% of respondents stating that their organisation does have a crisis management plan in place, and are prepared for the consequences of a potential data breach.
However, over a quarter of organisations are leaving themselves extremely vulnerable to significant financial and reputational damage in the wake of a data breach. Analysis of security incidents, both nationally and internationally, points to significant brand damage and significant further loss to organisations through mishandling of a security incident in the time after the event.
Data compromises require a technical, information security and whole business response. This is very difficult to achieve effectively in the absence of a prepared plan that has been developed, communicated and tested in the context of a specific business. Implementation of a well-communicated, well-understood, and well-rehearsed crisis management plan is one way to stem further losses and damage once an incident occurs.
Many businesses believe that they have no need of a crisis management plan as they are unlikely to ever experience a security incident. However, it is important to remember that a security incident doesn’t necessarily have to be a hack or a data breach, it could also be as simple as a sustained high-profile, high-impact outage. This is something that could happen to any organisation at any moment.
Businesses who accept these new realities and plan with them in mind will continue to be successful. Those that do not put themselves at risk. Ward Solutions can work closely with organisations on the development of crisis management plans, tailored to their specific business needs. Organisations that opt to implement such a plan will dramatically reduce the threat level that they face from malicious hackers.
To read more about Ward Solutions’ 2016 Information Security Survey download our whitepaper: Mapping the Cybersecurity Landscape.
To find out more about how Ward Solutions can help your organisation to develop a crisis management plan, and about our range of information security offerings, contact us today. Visit our website or call +353 1 6420100.