77% of Multinational Firms Are Not Ready To Get Hacked, Says IBM

IBM with the partnership with Ponemon Institute has released their latest survey regarding the readiness of companies to cybersecurity issues, revealing that 77% of participating firms have admitted that they are not ready for the aftermath of the IT security issues, if it happens to them. This survey covered 2800 companies, focusing on companies’ capability to recover from the issue. It is truly revealing how companies operate in a very vulnerable state, ignoring the risks or rather their respective leadership doesn’t bother with IT security.

“The study was conducted by Ponemon Institute and sponsored by IBM Resilient and found that 77 percent of respondents admit they do not have a formal cyber security incident response plan (CSIRP) applied consistently across their organization. Nearly half of the 2800 respondents reported that their incident response plan is either informal/ad hoc or completely non-existent,” explained Kelly Kane, IBM Security’s Media Relations Officer.

However, almost the same number of respondents @72 percent are confident that they can better deal with cyber attacks now compared to last year, 2017. They boasted their recruitment capabilities to hire professional IT security people as they need it. The reality is personnel and relevant equipment work hand-in-hand, the improvement they derived when it comes to staffing their respective IT departments is rendered useless if their network setup and computer configurations are insecure.

It takes a lot of time, effort and funding in order to build a cybersecurity resistant and resilient systems. Especially if the company in question is very much still dependent on legacy hardware and software.

“This confidence may be misplaced, with the analysis revealing that 57 percent of respondents said the time to resolve an incident has increased, while 65 percent reported the severity of the attacks has increased. These areas represent some of the key factors impacting overall cyber resiliency. These problems are further compounded by just 31 percent of those surveyed having an adequate Cyber Resilience budget in place and difficulty retaining and hiring IT Security professionals (77 percent),” the IBM report emphasized.

Legacy systems is really the culprit of all of these, the very reason by Microsoft has made sure for decades that even Windows 95 apps are still compatible with Windows 10 today. This long history of legacy code, though convenient will never be secure. Users love convenience, but it is inversely proportional to security. Also, given that many millennials age less than 30 years old are entering the system administration profession, they are in a work environment of supporting legacy apps developed originally for an operating system that was older than them.

The sooner firms migrate their applications to fit the modern operating system’s architecture, the better. Legacy code increases the attack surface of a computer installation in particular and the entire corporate network in general. Major shifts of mindset requires of view for the corporate leadership. The migration away from legacy systems must start from the top, with the help of marketing and implementation teams educating users what are the advantages of finally making legacy systems truly obsolete and replaced with better and modern systems.