According to the findings of a survey conducted Resilient Systems at GISEC, it has been revealed that nearly half (46 percent) of Middle East organisations have no Incident Response (IR) plans.
The survey of more than 150 enterprise security professionals also found the rate of security incidents is very high in the region, with 69 percent of organisations experiencing an incident in the last 12 months – highlighting the need for greater resilience against cybersecurity threats.
With preventative and detective tools alone failing to stop breaches, Incident Response is vital to ensuring that security incidents do not escalate into business crises. Historically, organisations would turn to consultancy services to establish the extent of security incidents and take action to mitigate the damage and future attacks. But with incidents increasing in frequency, sophistication, and severity, organisations can no longer afford to take an ad hoc approach to response.
Paul Ayers, General Manager, EMEA, of Resilient Systems, said, “In this new era of cybercrime, businesses are learning that identifying and protecting against threats isn’t enough – they have to be able to respond, and they have to do it faster, better, and smarter than before. Security incidents are inevitable – but the good news is that quick and effective response can make cyber threats manageable, and ensure that businesses can thrive in the face of them.”
Further findings of the survey indicated that seventeen percent of organisations reported having more than 25 incidents in the last year. It also revealed that Incident Response is becoming a priority for many, with 63 per cent saying their business will invest in Incident Response in the next 20 months, however, 14 per cent have no plans to improve incident response capabilities.
“Just as businesses have learned to live with fire, accidents, and theft for centuries, companies today can learn to mitigate and move on from cyberattacks, ”said Ayers. “Practice makes perfect. By preparing and provisioning for response, developing IR plans, and testing them regularly, organisations can take control of the situation – giving them the ability to limit or completely avoid incidents damaging their company and its public perception. That’s the essence of Cyber Resilience.”
Resilient System’s Incident Response Platform (IRP) arms incident response teams with workflows, intelligence, and deep-data analytics to react faster, coordinate better, and respond smarter. The Resilient Systems IRP is distributed in the Middle East through its partnership with security value added distributor, Shifra.
“As with the rest of the world, cybercrime in the Middle East has reached unprecedented levels in the recent past,” said Ahmad Elkhatib, managing director of Shifra. “These findings reflect the reality that, as businesses in the region grow, they will increasingly become the target of cyberattacks and require Incident Response tools in order to develop quick reflexes in handling breaches.”