baesystems.com/IRreport 3 // 16 Key Takeaways Incident Response teams are dealing with a significant number of incidents per month: • Approximately 66% of the organizations surveyed responded to between one and 25 cyber security incidents per month. • A further 26% of the organizations responded to between 25 and 99 incidents per month, and nearly 8% responded to 100 or more per month, an alarming number that demonstrates the growing threat to the public sector and private enterprises. worldwide. Evolving threats are a major concern: • 71% of organizations reported that they’d experienced a phishing incident, while 65% stated they’d been the subject of an untargeted virus or malware (65%) attack. This shows attackers are increasingly tailoring their approaches to achieve greater returns for their efforts. With the rise in social engineering attacks, it is imperative organizations focus on proper training and awareness for all employees and personnel. • 30% of the attacks handled by incident response teams were reported to be targeted attacks (e.g., ransomware, insider attacks, external hacking groups). Traditionally, healthcare and government agencies have been victims of targeted attacks, but a growing number of SMBs and financial organizations are being affected by similar incidents. Many organizations are not prepared to respond to cyber threats: • Approximately 22% of the respondents merely have temporary or in fact no incident response resources in place. Given the increased volume of attacks and the potential loss associated, these organizations should consider engaging third-party incident response services to ensure they are prepared for any data compromise. • 23% of incident response teams don’t conduct any readiness exercises with senior management, missing an opportunity to get crucial executive buy-in and support for what they do. • The good news is that organizations are – on the whole – keeping dedicated budgets for incident response either static (43%) or increasing investment (53%). This is in recognition of the importance of incident response and the need to react to security breaches quickly. 4 // 16 Incident Response Report 2019 Survey Respondent Profiles We surveyed board level executives, IT decision makers, and information security professionals to understand the current state of incident response capabilities and readiness. Organizations ranged from governmental agencies through to healthcare and technology firms, and from small (less than 500 employees) to large (over 10,000 employees) enterprises: Number of Employees Less than 1,000 28% 1,000 - 10,000 66% More than 10,000 6% Industry Technology 16% Banking & Finance 22% Government 6% Healthcare 6% Education 8% Job Function IT/Security Analyst 40% C-Suite/Management 22% Compliance 4% Fraud/Risk Management 2% Geography United States 67% United Kingdom 29% Canada 2%