Cyber Crisis Response: Fit for today’s threat landscape?

Cyber crisis response and preparedness is on everyone’s lips, yet organizations’ efforts are failing to adapt to modern threats. Discover the first definitive report into cyber crisis preparedness, led by Osterman and Immersive Labs.

The Definitive Report into Cyber Crisis Preparedness

Tabletop exercises have long been considered an essential tool in preparing organizations to face cyber crises. While they once played a vital part in helping workforces deal with cybersecurity incidents, they’re now rapidly falling into obsolescence. 

So what’s the alternative? How many organizations still rely on PowerPoint-driven tabletop exercises to bolster their incident response plans? Is this legacy method of defining cyber crisis response widening the gap between attackers and defenders? 

In collaboration with Osterman Research, we tapped into the collective consciousness of over 400 CISOS and senior security leaders. We sought to discover how influential security professionals prepare for the worst – and just how far behind legacy training techniques have fallen. 

TOPICS
Cyber Crisis Sim
eBook
PUBLISHED

12 August 2020

Our Key Findings

event

Most tabletop exercises take place annually

Between 2019 and 2020, 50 large, publicly acknowledged breaches took place. Can annual exercising keep pace in a threat landscape that shifts almost daily?

campaign

Customer and communications teams are under-represented at cyber crisis exercises

When things go wrong, it has to be all hands on deck. But only 13% of CISOs bring customer teams into exercises and 20% involve communications executives.

layers

The most common scenarios involve data breaches, ransomware attacks, and spear-phishing attacks

59% of recent exercises were focused on data breaches, 57% on ransomware attacks, and 45% on spear-phishing attacks, with most organizations running multiple scenarios during a single exercise.

attach_money

Tabletop exercises are expensive and time consuming

Most organizations spent more than $30,000 on their most recent exercise, with 13% engaging more than 20 people.

grade

Most cybersecurity professionals believe tabletop exercises have helped prepare their organizations to respond to crises

Nearly 80% of those questioned believe the exercises have prepared their organization to respond to future cyber threats.

We help businesses to increase and evidence human capability in every part of cybersecurity.

Legal