A recent survey from security firm Immersive Labs found that many organizations don’t hold crisis simulations more than once a year, and the majority of organizations when holding such exercises only do so with IT teams.
The study, conducted by Osterman Research, is based on a survey of senior security professionals at 402 organizations based in the U.S. and UK. According to the survey, “Cyber Crisis Response: Fit for Today’s Threat Landscape,” 40% of respondents are not confident that their organization would be able to handle an imminent data breach.
A quarter of those surveyed said that they run crisis exercises without including senior cybersecurity leadership, and only 20% included communication teams. And about half of those surveyed said that they don’t include professionals from various domains in their incident response exercises and of those organizations that do tap professionals across business units, they said they only meet once a month.
19 August 2020
Latest Blog posts
One-day exploit party with SaltStack
2 March 2021
Why so salty? Local privilege escalation on SaltStack minions
26 February 2021
Diverse organizations build high-performing crisis response teams. Here’s how.
24 February 2021
New package management flaw: dependency confusion
22 February 2021
Being out in the workplace: Why being open matters
15 February 2021
The digitalization of kidnap and extortion: a modern business dilemma
11 February 2021