A study that was conducted by Ponemon Institute and sponsored by IBM Resilient and found that 77 percent of respondents admit they do not have a formal cyber security incident response plan. About half of the 2,800 respondents reported that they didn’t even have an informal response plan.
Of course, Ponemon and IBM have a vested interest in encouraging IT leaders to invest more in security, but even accounting for that reality, it’s clear too many orgaizations don’t have a formal cyber security incident response plan.
What does this mean? It means that if they are hacked, or held hostage by ransomware, they are likely to just run around in circles versus solving the problem.