Most businesses unprepared for cyberattack, study finds

New research suggests that 83 percent of businesses worldwide are still unprepared to cope with online security incidents.
Written by Charlie Osborne, Contributing Writer on
credit cnet
Credit: CNET

A new survey suggests that the majority of businesses across the globe are unprepared to deal with cyberattacks in the future.

Research conducted by the Economist Intelligence Unit and Arbor Networks says that while cyberattacks are on the rise, corporations are still woefully unprepared in dealing with the prevalent threat.

If hackers manage to break in to a corporate system, whether through the primary network or through a third party with access to systems, then this can leave client information at risk -- including finances, addresses and contact details.

Once a breach occurs, not only can this cost a firm a fortune to fix, but a company's reputation is likely to be damaged -- which in turn can lower future profit margins if consumer trust cannot be restored. As an example, U.S. retailer Target's recent security breach resulted in the theft of at least 40 million customer records containing credit and debit card data, as well as approximately 70 million accounts with information including home addresses and mobile phone numbers.

These kinds of cyberattacks, especially in high-profile cases, are not easy to recover from. Despite this, the business intelligence provider and security firms' report, "Cyber incident response: Are business leaders ready?" says that many companies are still not getting the message -- that skilled employees and the investment of time and money are necessary to keep networks safe.

After surveying 360 senior business leaders in companies across the U.S., Europe and Asia-Pacific, the companies found that while 77 percent of firms have suffered a security breach in the past two years, over a third of firms -- 38 percent -- still have no incident response plan in place should a cyberattack occur.

A mere 17 percent of businesses worldwide claim to be "fully prepared" for an online security incident.

Many respondents said that IT departments were relied upon to cope with the problem of cyber threats, but firms that have suffered a breach within the last two years were twice as likely to have hired third-party IT experts or teams to better understand the risks that networks face.

Whole 41 percent of business leaders feel a better understanding of potential threats would help them be better prepared, in order to save face, only a third of companies share data concerning incidents with others to spread best practices and exchange information -- and 57 percent do not voluntarily report incidents if not legally required to do so.

Arbor Networks President Matthew Moynahan commented:

"As these findings show, when it comes to cyber-attacks, we live in a “when” not “if” world. In the wake of recent high profile targeted attacks in the retail sector, a company’s ability to quickly identify and classify and incident, and execute a response plan, is critical to not only protecting corporate assets and customer data, but the brand, reputation and bottom line of the company."

Editorial standards