Business Continuity Institute publishes ‘Cyber Resilience Report’
- Published: Thursday, 30 June 2016 07:19
Two thirds of respondents to a global survey by the BCI state that they experienced at least one cyber incident during the previous twelve months, and 15 percent experienced at least ten incidents during the same period.
The survey found there was a wide range of response times for cyber incidents. Almost a third of organizations (31 percent) stated that they responded within one hour. However, one fifth (19 percent) take a worrying four hours or more in responding to a cyber event, and almost half (44 percent) take more than two hours to respond. This has clear implications for the time taken to return to business as usual, and the ultimate cost of the incident to the organization.
Even if organizations wish to respond immediately to a cyber attack, the nature of the attack may render them unable to do so. The research found that phishing and social engineering was the top cause of cyber disruption, with over 60 percent of companies reporting being hit by such an incident over the past 12 months, and 37 percent hit by spear phishing. It also found that 45 percent of companies were hit by a malware attack and 24 percent by a denial of service. All these forms of attack will, in different ways, render an organization’s own network either contaminated or inoperable. Their website may have been taken down and they may well have to switch off their internet connection until they can secure themselves from further attack.
The research also found that the costs of these incidents varied greatly, with 73 percent reporting total costs over the year of less than €50,000, but 6 percent reporting annual costs of more than €500,000.
The results of the survey of 369 business continuity and resilience professionals, sponsored by Crises Control, have been published in the Cyber Resilience Report.
Read the report here (registration required).