Confidence in Plan Effectiveness Lacking
Executives lack confidence in the effectiveness of their data breach response plans.
Although more companies have increased security investments and incident response planning, when asked about preparedness, many senior executives are not confident in how they would handle a real-life issue. Of the 81 percent of companies that report having a data breach response plan, only 34 percent believe they would be effective. Additionally, only 28 percent are confident in their ability to minimize the financial and reputational consequences of a material breach.
To help address this issue, security executives should ensure that data breach response plans are regularly audited and kept current with changes in the risks and threats facing a company. Only 25 percent of respondents say their organizations update the data breach plan once or twice each year. Thirty-five percent of companies admit their data breach plan has not been updated or reviewed since the plan was put in place.