A new survey conducted by Microsoft and Marsh found that two-thirds of 1,300 senior executives polled said cybersecurity was a top five risk management priority for their company. But while companies fear the impact of a cyberattack, only 19 percent are highly confident in their organization’s ability to prevent and respond to a hack. In fact, only 30 percent have developed a plan to respond to a cyberattack.
Businesses of all sizes can begin to create a cyberattack response and prevention plan by first identifying vulnerabilities. IT and security departments should run regular incident tests to identify weaknesses and strengthen the security program. Go beyond checking to make sure that software is up to date, although this is also important because most companies are way behind on security patch updates. Realistically prepare for the fallout of an attack by creating faux incident scenarios and run them through the organization in order to critique shortcomings and identify areas for cybersecurity improvement.
