Logo Header Menu

IBM says automation is the next big step in cyber security

The fourth IBM cyber security survey has revealed how unprepared companies are for a cyber attack. How can they remedy this? IBM says automation is the next big step in cyber security image

The fourth IBM cyber security survey reveals how unprepared companies are for a cyber attack. Despite widespread acknowledgement that a strong cyber security response plan can save companies significant damages in the wake of an attack, the study shows that many organisations still do not have an incident response plan in place – and those that do have a plan are not testing it regularly.

This is especially concerning given that in the past two years 56% of UK organisations surveyed experienced a data breach, and 62% said they experienced a cyber security incident.

These incidents seem to be coming thick and fast with 50% of the organisations that experienced a data breach saying they experienced two to three times in the year and 19% of those had experienced more than five.

According to the survey, 61% of organisations say the volume of incidents has increased and 70% say the severity has increased.

Yet, 48% believe cyber resilience has improved.

How can this be the case? As it seems that for most firm’s cyber security incidents are a regular occurrence and when they do happen, they’re worse than ever.

Automate… under half? Fewer than 50% of enterprises have deployed intelligent automation technology

86% of IT executives surveyed by Appian believe human work, AI systems and robotic automation must be well-integrated by 2020 — but only 12% said their companies do this really well today

“Failing to plan is a plan to fail”

“Failing to plan is a plan to fail when it comes to responding to a cyber security incident,” said Ted Julian, VP of product management and co-founder, IBM Resilient.

Of those surveyed, 51% said they experience frequent disruptions to business processes or IT. On top of this, 75% of respondents said they do not have a Computer Security Incident Response Plan (CSIRP) that is applied consistently across the entire enterprise. And of the organisations that do have a CSIRP in place, 45% do not test plans regularly or at all.

However, in Julian’s opinion, this is not the way go about things: “These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a program.

“When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach.”

Studies show that companies who can respond quickly and efficiently to contain a cyber attack within 30 days save over $1 million on the total cost of a data breach on average.

It does seem that awareness amongst firms regarding the necessity of cyber security has increased though — a good sign. The time to detect, contain and respond to incidents has increased significantly, according to 30% of respondents.

Vigilante cyber security: collaboration is better than proactive cyber security

Can organisations realistically go on the offensive? Jonathan Couch saddles up to fire-off some words about proactive cyber security, it seems it helps if they can gather up a posse first, because proactive collaborative cyber security can work. Read here

So what about automation?

For the first time, this year’s study measured the impact of automation on cyber resilience. These technologies depend upon artificial intelligence, machine learning, analytics and orchestration.

When asked if their organisation leveraged automation, only 23% said they were significant users, whereas 77% reported their organisations only use automation moderately, insignificantly or not at all.  Organisations with the extensive use of automation rate their ability to prevent (69% vs. 53%), detect (76% vs. 53%), respond (68% vs. 53%) and contain (74% vs. 49%) a cyber attack as higher than the overall sample of respondents.

Considering this, it’s a wonder that 76% of senior managers who find it difficult to hire and retain IT security personnel don’t change their approach. Only 18% reported using automation significantly in their organisation.

Cyber security best practice: Definition, diversity, training, responsibility and technology

As part of Information Age’s Cyber Security Month, we look at cyber security best practice – everything from defining it to the importance of training. Read here

Latest news

divider
Tech and society
Helping traditional industry SMEs to go digital

Helping traditional industry SMEs to go digital

26 June 2019 / How can governments encourage their traditional industry SMEs to go digital? Well, it’s a significant [...]

divider
Software and Applications
Learning to love technical debt

Learning to love technical debt

25 June 2019 / Technical debt gets a bad rap. Engineers and technologists tend to speak of it as [...]

divider
News
Jobs and automation: no need to fear finds The Economist Intelligence Unit

Jobs and automation: no need to fear finds The Economist Intelligence Unit

25 June 2019 / The Economist Intelligence Unit (EIU) has published a report sponsored by RPA company UiPath, that [...]

divider
Cybersecurity
UK businesses downloading vulnerable software components

UK businesses downloading vulnerable software components

25 June 2019 / The average UK businesses downloaded over 21,000 software components with a known vulnerability in the [...]

divider
Healthcare
Healthcare’s biggest barrier to AI adoption

Healthcare’s biggest barrier to AI adoption

25 June 2019 / Less than 4% of all physician-patient interactions involve AI today; by 2023, one in five [...]

divider
Business Skills
Brexit the biggest concern for UK tech workforce, finds CWJobs

Brexit the biggest concern for UK tech workforce, finds CWJobs

25 June 2019 / Research has found that while UK tech professionals believe their industry is currently in a [...]

divider
News
Elephant Robotics launches a collaborative robot, Catbot, for smaller businesses

Elephant Robotics launches a collaborative robot, Catbot, for smaller businesses

25 June 2019 / A new collaborative robotic arm, targeted at smaller businesses and developed by Chinese firm Elephant [...]

divider
The City & Wall Street
Study reveals cyber security concerns on the rise amid M&A Activity

Study reveals cyber security concerns on the rise amid M&A Activity

25 June 2019 / According to a survey by Forescout, the cyber security firm, 53% of respondents said their [...]

divider
Governance, Risk and Compliance
The key takeaways from the MetricStream GRC Summit 2019

The key takeaways from the MetricStream GRC Summit 2019

25 June 2019 / On June 2-5, MetricStream hosted the GRC Summit 2019, the most influential gathering of GRC-focused [...]

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest