

In future, companies want to shift their expenditure and activities for cyber security more towards solutions and processes for detecting incidents and responding accordingly (incident response).
Companies currently spend 77 percent of their IT security budgets on conventional prevention and protection measures such as endpoint solutions and firewalls.
However, this does not always stop cyber attacks. In the last twelve months alone, 67% of the companies surveyed by PAC registered security breaches, and over a longer period of time, every company has been the victim of an external attack.
For the study "Incident Response Management. How European Enterprises are Planning to Prepare for a Cyber Security Breach", 200 IT decision-makers and security managers from companies with over 1,000 employees in the UK, France and Germany were surveyed, which together account for 60 percent of the Western European cyber security market. The study was supported by FireEye, HP, Telefonica and Resilient Systems.
75,000 euros direct damage
As security breaches increase, so do the costs caused by them. According to the study, they currently average 75,000 euros in direct costs - not to mention loss of business and damage to image. According to the company, it takes one to six man-months to recover from an attack.
This makes it all the more important to contain, if not the attack itself, then at least the damage it causes. However, 69% of companies only notice a security breach after up to six months in some cases.
As a result, there is growing interest in solutions and processes that can quickly detect and respond to security breaches that have already occurred (incident response).
According to the PAC study, 23% of companies' IT security expenditure is now spent on such solutions. In the next two years, this figure is expected to rise to 39 percent.
"Companies are coming to terms with the fact that cyber attacks are unavoidable," comments Duncan Brown, Research Director at PAC and author of the study. "They are no longer spending a large part of their security budgets on prevention, but are planning more balanced budgets for dealing with cyber attacks."
Companies also need to be better prepared for attacks from the Internet, Brown demands.
"86 percent of companies believe they are prepared for a cyber attack, but 39 percent have no cyber breach preparedness plan!"
"Cyber attacks are increasingly customized, making the impact on the business operations of affected companies much more lasting," confirms Greg Day, EMEA VP & CTO, FireEye.
Outsourcing of incident response is the rule
As the demand for incident response solutions has grown, so has the interest in external service providers in order to reduce costs and quickly access the necessary expertise.
In contrast to how most companies provision resources for cyber security, purchasing incident response from third-party providers is now the norm, according to the study.
"69 percent of companies use external resources to respond to cyber attacks," says Brown. "This use of external incident response services is a long-term strategy. The companies plan to use specialists when necessary."
Most CISOs (Chief Information Security Officers) have reservations about outsourcing security, as they fear a loss of visibility and control.
For incident response, however, it is better to have external resources at your disposal, possibly arranged in advance, instead of diverting internal staff from their main tasks in the event of an attack.