dcsimg

Study Finds More Companies Have Data Breach Response Plan, But Still Lack Crucial Steps

  • Study Finds More Companies Have Data Breach Response Plan, But Still Lack Crucial Steps-

    Confidence in Plan Effectiveness Lacking

    Executives lack confidence in the effectiveness of their data breach response plans.

    Although more companies have increased security investments and incident response planning, when asked about preparedness, many senior executives are not confident in how they would handle a real-life issue. Of the 81 percent of companies that report having a data breach response plan, only 34 percent believe they would be effective. Additionally, only 28 percent are confident in their ability to minimize the financial and reputational consequences of a material breach.

    To help address this issue, security executives should ensure that data breach response plans are regularly audited and kept current with changes in the risks and threats facing a company. Only 25 percent of respondents say their organizations update the data breach plan once or twice each year. Thirty-five percent of companies admit their data breach plan has not been updated or reviewed since the plan was put in place.

1 | 2 | 3 | 4 | 5 | 6 | 7

Study Finds More Companies Have Data Breach Response Plan, But Still Lack Crucial Steps

  • 1 | 2 | 3 | 4 | 5 | 6 | 7
  • Study Finds More Companies Have Data Breach Response Plan, But Still Lack Crucial Steps-3

    Confidence in Plan Effectiveness Lacking

    Executives lack confidence in the effectiveness of their data breach response plans.

    Although more companies have increased security investments and incident response planning, when asked about preparedness, many senior executives are not confident in how they would handle a real-life issue. Of the 81 percent of companies that report having a data breach response plan, only 34 percent believe they would be effective. Additionally, only 28 percent are confident in their ability to minimize the financial and reputational consequences of a material breach.

    To help address this issue, security executives should ensure that data breach response plans are regularly audited and kept current with changes in the risks and threats facing a company. Only 25 percent of respondents say their organizations update the data breach plan once or twice each year. Thirty-five percent of companies admit their data breach plan has not been updated or reviewed since the plan was put in place.

Amidst today's threat landscape, it is a positive sign that businesses have acknowledged data breaches as a corporate issue they must prepare for. Research shows business leaders are now more aware of the detrimental impact a data breach has on brand reputation. However – after reviewing three years of survey data on how executives are preparing for a data breach – it is surprising to report that many are still struggling to feel confident in their ability to manage a breach and execute a response plan.

According to Experian Data Breach Resolution's Third Annual Study: Is Your Company Ready for a Big Data Breach?, 81 percent of companies now have a baseline data breach response plan in place, but only 34 percent of executives view those plans as effective. This can be largely attributed to significant holes in the response plans in terms of the types of data breaches they should prepare for.

Based on the survey of 604 executives and staff employees who work in privacy and compliance fields in the U.S., the following slideshow examines the current state of data breach preparedness in corporate America and steps security decision-makers can take to improve their incident response plans.