HP has unveiled the results from a new study on the importance of senior executive involvement in a breach response plan and released free online tools to help executives assess their organisation’s current level of preparedness.
According to the HP sponsored1 2014 Executive Breach Preparedness Research Report, more than 70 percent of executives think that their organisation only partially understands the information risks they’re exposed to as a result of a breach. To add to that, less than half of c-suite and board-level executives are kept informed about the breach response process and only 45 percent believe they are accountable for the incident response process.
“Without a well thought out plan in place, and without the proper guidance, training and process instituted throughout the organisation, executives can stumble when dealing with the public outcry once sensitive data has been compromised,” said Arthur Wong, senior vice president and general manager, Enterprise Security Services, HP. “No amount of spend can completely protect organisations from highly sophisticated cyber-attacks, but how prepared an organisation is in the event of a breach can mean the difference between a speed bump in the road or a catastrophic business event.”
To help executives prepare for a breach, HP has developed free online resources to determine the amount of risk an organisation faces and its readiness to respond to a breach, including:
- A study exploring how 300 global organisations plan and use best practices to prepare for cyber security incidents.
- HP breach response assessment contains a series of questions that compares an organisation’s answers to those of its industry peers. Using the tool, an individual can assess the organisation’s ability to respond to a data breach and identify areas of strength and weakness when it comes to preparing for a breach.
- HP executive breach response playbook consists of scenarios, best practices, and benefits in planning that will help an organisation understand the response plan and how to be prepared in the event of a data breach.
- Webinars to help executives draft and implement breach preparedness plans.
Additional key findings from the 2014 Executive Breach Preparedness Research Report include:
- 79 percent of respondents say executive level involvement is necessary to achieve a successful data breach response, while 70 percent believe board level oversight is also crucial.
- Only 45 percent of executives believe that their own enterprise’s incident response process is either proactive or mature.
- 57 percent of respondents say the loss or theft of more than 10,000 records containing confidential or sensitive information constitutes a significant data breach. In terms of cost, a data breach that averages approximately US$2 million is considered significant.
Learn more about research findings
Findings from the Executive Breach Preparedness study and the free online resources are available at www.hp.com/go/breachresponse. Information about HP Enterprise Security Services at www.hp.com/enterprise/security.