Cyberattack preparations may not be robust enough to withstand real attacks at many organisations, according to a recent report.
The analyst IDC said that 85 per cent of organisations have playbooks for cyber intrusion detection, prevention and response. In addition, over nine out of ten (92 per cent) said their data resilience is efficient or highly efficient.
But report author Phil Goodwin said that breach data raised questions about this apparent confidence. For example, 46 per cent of those surveyed suffered a breach during the past three years. And 67 per cent of those attacked by ransomware admitted to paying the demands. Of those, half lost data.
“The commonly used do-it-yourself approaches to cyberpreparedness are insufficient,” Goodwin said. “Recovery is limited to the experience of those implementing it — many of whom may have no experience with an actual attack response.”
Most businesses did not rate the threat of losing money to ransomware demands highly. Instead, they said that their top concerns were data loss, an inability to recover quickly, poor data protection capabilities, and loss of productivity and revenue.
The report concluded that while organisations took data resilience seriously, plans often failed when tested by real-life incidents.
Most challenging risks
Meanwhile, financial organisations cited cyberattacks most frequently (74 per cent) in the Bank of England’s most recent Systemic risk survey for 2022.
But geopolitical risk and inflation risk followed closely behind – cited by 72 per cent each. While respondents most frequently said that inflation risk is the hardest risk to manage (61 per cent), cyberattack was second (56 per cent).
Last year, the UK Government published findings from a series of case studies. Those who participated had suffered cyberattacks.
It found that while organisations took the risk seriously, responses tended to be reactive and piecemeal. Too many organisations prioritised using technology as a primary defence rather than addressing cultural weaknesses around security.
Few organisations accurately quantified the losses they sustained in an attack. In addition, “…very few organisations in the study implemented a formal ‘lessons learned’ process in the aftermath of the breach.”
Read, You think ransomware is your only problem? Think again
Read, Systemic risk survey results – 2022 H2.
Read, Exploring organisational experiences of cyber security breaches.