Data Incident Response–Are You Prepared?

Two recent surveys provide some detailed analysis of cybersecurity and its impact in today’s world.

The Global State of Information Security Survey 2015, conducted by PricewaterhouseCoopers LLP (PWC), found a 48% increase in the number of security incidents detected from 2013. PWC surveyed more than 9,700 security, information technology and business executives found a total of 42.8 million security incidents detected on an annual basis. While this figure appears astronomical, it does not include undetected attacks, which would only serve to increase this figure. Many of these attacks result in what is commonly known as a data breach.

From a loss perspective, the Survey found the annual financial costs of investigating and mitigating security incidents increased substantially this year, particularly among large organizations, with the number of respondents reporting losses of $20 million or more almost doubling over 2013. Notably, most respondents experienced a minimum of $50,000 in financial losses due to security incidents.

Notwithstanding the significant number of incidents detected and the related loss, the 2014 Critical Security Control Survey, conducted by the SANS Institute, found that only 26% of CEOs and top level managers are aware of cybersecurity risks and remediation obligations. The Sans Survey, of 300 cybersecurity professionals, also found that less than 50% of companies have proper technological controls against malware and other malicious code and that 63% of companies say their in-house cybersecurity group lacks the necessary resources to assess and meet the cyber threat.

As we mentioned earlier this year, and as confirmed by each of these survey,organizations need to implement data incident response plans. To this end, we have prepared a summary of some of the Key Action Items for Responding to Data Breaches. While this list is not exhaustive, it should provide a general guide for incident response.