While almost nobody said they were putting all their eggs into the prevention basket, one-third of cybersecurity professionals said they weighted intrusion prevention over incident response (IR) at a proportion of 80/20 or greater.
That’s according to a May 2022 Dark Reading report, titled “Breaches Prompt Changes to Enterprise IR Plans and Processes.” The 2022 Incident Response Survey polled 188 IT and cybersecurity professionals about their IR capabilities.
A total of 34% of respondents said they preferred to put 80% (21% of respondents), 90% (10% of respondents), or 100% (3% of respondents) of their resources into prevention over IR. Another 34% also prioritized prevention, with 21% preferring a 70/30 split and 13% dropping to 60/40. Less than a quarter (24% in total) weighted the two approaches evenly or favored IR over prevention, with 13% of that backing an even split of resources. Eight percent didn’t have an opinion.
Those were the 2022 survey results. The numbers from 2021 were very similar, with only a slight shift toward a more even distribution of resources back then; for example, the 80/20 split was only 18% in 2021, whereas 60/40 and 50/50 both sat three points higher at 16% apiece versus 2022’s 13%.
These results back up the overall perception that organizations still put more effort into preventing intrusions than remediating them. For example, a 2021 survey showed that 36% of companies didn’t have a detailed incident response plan in place. And last year’s Strategic Security Survey revealed high levels of interest in perimeter defense techniques, with 72% saying that intrusion prevention and detection measures were effective or highly effective.
Pressure from the US government and cyber insurance companies might swing the pendulum toward IR, however. Indeed, in March 2022, US President Joe Biden signed into law the Cyber Incident Reporting Act, which requires critical infrastructure industries to report intrusions quickly and act to remediate them. While that law will apply only to the 16 sectors considered critical, that does point the way for other organizations looking to build an IR plan.
For more, download the whole report.
Source: www.darkreading.com