Many IT managers in German companies are not aware of the importance of incident response plans (IR plans) for preventing cyber incidents.
IT decision-makers in companies in Germany seem to underestimate the importance of incident response plans. Because four in ten say creating these would be a waste of time and money; In the event of a security incident, they could guide the team accordingly to respond. Furthermore, 38,0 percent of those surveyed do not know what incident response tools actually are and what options they offer. These results come from the current Kaspersky study: “Incident Response for Prevention – Why companies in Germany are poorly prepared for cyber attacks and how they can become more cyber-resilient thanks to incident response methods”.
Check security with IR plans
Incident response plans determine which actions to take in the event of a security incident, who is responsible for the various steps and how they are to be escalated if necessary. However, they not only support teams in an emergency to minimize the harmful consequences of an attack and maintain operations: they also provide a tool for continuously checking processes for security and identifying possible weak points. Despite their great importance, the current Kaspersky study shows an extremely mixed picture with regard to the existing knowledge, its appreciation and implementation.
Most of the IT managers surveyed (61,5 percent) use IR plans and tools in their company and say that these have already prevented attacks. A comparable number (60,5 percent) simulate incidents and also regularly review their IR plans to check their effectiveness.
Many IT managers do not know the importance of IR plans
On the other hand, according to the Kaspersky study, there is also a gap in knowledge and awareness among some of those responsible for IT security in Germany:
- More than a third (38,0 percent) know neither incident response tools nor their role in cyber defense.
- 44,5 percent are aware of their importance, but only use them in emergencies and fail to recognize their importance as a preventive measure.
- 41,0 percent of those surveyed even consider IR tools to be useless and their creation a waste of time and money.
These figures show the need for some companies in Germany to catch up when it comes to assessing the importance of their response capacity in the face of modern, diverse attack methods used by cybercriminals. Because a robust cybersecurity strategy using IR plans and tools represents a preventive measure in the cyber resilience and defensive responsiveness of companies.
Preventive measures strengthen cyber resilience
“The same applies to cyber attacks: it is better to be prepared than to be cured. This means: Companies should invest in preventive measures before an incident and not only when an acute attack occurs. The (non-)preparation for attacks by many companies in Germany is worrying. For years, major attacks have repeatedly shown how important it is to have comprehensive security measures implemented and to be prepared in order to be able to react quickly if the worst comes to the worst. However, the opposite is all too often the case: companies shy away from the costs and effort of developing appropriate incident response plans that can help them react quickly and efficiently in an emergency. That needs to change!"
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/