2/3 companies wont recover after cyberattack, study reveals

Furthermore, the results show a decline in organizational resilience against cyberattacks. Of the respondents, 32% of IT and security professionals ranked their resilience as high. That same number was 35% in 2015, marking a drop over the past 12 months.

One of the biggest hindrances to effective security listed by respondents was the lack of a proper cyber security incident response plan (CSIRP).

Two thirds of respondents say that the next highest barrier to proper resilience is “insufficient planning and preparedness.” The research also noted that 46% listed “complexity of IT processes” as something that kept their organization from achieving resilience. That number is up from 36% in 2015.

The study also looked at what type of security incidents the respondents were experiencing. Some 53% reported that they had dealt with at least one data breach in the past two years. Over that same period, 74% said their organization had experienced threats as a result of “human error,” the release said.

Not only data breach, but also malware (74%) and phishing (64%) topped the list of frequently-experienced attacks. And, while most respondents were not confident in their organizations ability to recover from an attack, 68% believed their organization could at least remain resilient.