According to new research by Pierre Audoin Consultants (PAC), organisations are changing how they allocate their cyber security budgets.
As more organisations realise that cyber attacks are inevitable, they are shifting away from traditional ‘prevent and protect’ security and are heading towards ‘detect and respond’.
“Firms are coming to terms with the inevitability of a cyber breach,” said Duncan Brown, research director at PAC. “Rather than spending a majority of security budget on prevention, firms will apply a more balanced approach to budgeting for cyber attacks.”
A total of 200 people took part in the study, all from British, French or German companies with more than 1,000 employees.
Key findings include:
- Organisations spend 77% of their security budgets on a prevent and protect approach using endpoint solutions and firewalls.
- Expenditure is moving towards the post-breach detect and respond capability, which accounts for 23% of spending today but will grow to 39% in two years.
- 67% of firms experienced a breach in the last year, and 100% have been breached at some time in the past.
- Firms struggle to identify cyber breaches, and 69% take between one and six months to discover an attack.
I often talk about the need for cyber resilience in all organisations. A cyber-resilient organisation is able to prevent most cyber threats and to detect and contain the ones that do get through its defences, limiting the damage they cause.
According to the research carried out by PAC, 86% of organisations believe that they are prepared for a cyber breach, but 39% don’t have a cyber readiness plan, which Brown believes suggests “that some firms are in denial, or ill informed, as to the true states of their readiness”.
Find the right balance
It’s vital that organisations find the right balance between prevention and response. An organisation that puts all its eggs in one basket and spends solely on prevention will find itself in a tough situation when it inevitably suffers a breach; the same applies to those that spend solely on response and leave easily preventable attacks to succeed.
To find the right balance, organisations need to implement a framework that combines prevent and protect with detect and respond, and enables the two to work together: prevention reduces the number of incidents the response capability has to handle, and what the response capability learns from incidents feeds back into better prevention.
ISO 27001 and ISO 22301
The internationally recognised standards ISO 27001 (information security management best practice) and ISO 22301 (business continuity management best practice) are a well-suited foundation for organisations that want to be cyber resilient: ISO 27001 covers the controls that prevent and detect attacks, and ISO 22301 covers keeping the business running and recovering when an incident occurs.
When combined, these two standards will help your organisation prevent the majority of cyber attacks and handle those that get through.
To learn more about cyber resilience, download our free green paper: Cyber Resilience: Cyber Security and Business Resilience