July 15, 2020

Volume X, Number 197

July 15, 2020

Subscribe to Latest Legal News and Analysis

July 14, 2020

Subscribe to Latest Legal News and Analysis

July 13, 2020

Subscribe to Latest Legal News and Analysis

Incident Response Plan Saves Money

The Ponemon Institute recently completed research, sponsored by IBM Resilient, entitled “The 2019 Cyber Resilient Organization,” which surveyed more than 3,600 security and IT professionals around the world to determine organizations’ ability to maintain their core purpose and integrity in the face of cyber-attacks.

According to IBM, the research found that “a vast majority of organizations surveyed are still unprepared to properly respond to cybersecurity incidents, with 77 percent of respondents indicating they do not have a cybersecurity incident response plan applied consistently across the enterprise.”

Following the results of IBM/Ponemon’s 2018 study on the cost of a data breach, which showed that companies that respond quickly and efficiently to contain a cyber-attack within 30 days save over $1 million on average, this study shows that organizations are still falling short when it comes to planning for an incident and testing the incident response plan.

Almost half of the respondents admitted that, since they do not have an incident response plan in place, they are not in full compliance with GDPR.

Significantly, 62 percent of those surveyed state that aligning the privacy and cybersecurity teams of the organization “is essential to achieving resilience” and that data privacy has become a top priority in organizations.

Finally, the survey found that more than half of those surveyed (54 percent) do not test their incident response plans regularly, “which can leave them less prepared to effectively manage the complex processes and coordination” following an attack.

Message: developing, implementing and testing an incident response plan saves money. According to this research, it is a sound investment.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.National Law Review, Volume IX, Number 108


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...