IT decision makers (ITDMs) are overly optimistic about how long it would take their organization to recover from a serious cybersecurity incident, according to new data from Fastly.
The cloud services provider polled 1800 ITDMs with responsibility for cybersecurity in organizations across the Americas, Europe, APAC and Japan to compile its Global Security Research Report.
The study revealed that it takes 7.34 months on average to fully recover from an incident, 25% longer than 5.85 months predicted by respondents.
Recovery times are expected to be even longer (8.14 months) for organizations planning to decrease their cybersecurity investment. The gap between perception and reality (34%) is also greater, with these firms actually taking 10.88 months on average to recover.
By “recover,” Fastly is referring to activities such as:
- Implementing stronger security measures (cited by 43% of respondents)
- Offering additional training to employees (41%)
- Restoring from backups (38%)
- Stakeholder communication (34%)
- Forensic analysis (25%)
On a more positive note, the report also revealed a more proactive stance on IT resilience following the CrowdStrike outage earlier this year.
Some 86% said they’d changed their patch testing or deployment processes as a result of the incident, while over a quarter (29%) claimed they would consider changing security vendors following high-profile incidents or software quality problems.
Nearly half (48%) are rethinking how they use their existing cybersecurity tools.
“Full recovery from breaches is not getting any faster. The revenue, reputation and time lost damages business relationships permanently and drains resources from other areas of the business,” argued Fastly CISO, Marshall Erwin.
“With attacks not diminishing and the possibility of further high-profile slipups always present, it’s crucial that any changes businesses are now making to cybersecurity strategies fit within a holistic plan and aren’t knee-jerk reactions.”
Shared Responsibility
The report also revealed that stakeholders outside traditional security teams are increasingly involved in key decisions about app security.
A fifth (20%) of respondents said it was a priority to adopt a platform engineering approach to software security, with platform engineering teams (8%) and app developers (10%) both cited as being somewhat accountable for cybersecurity incidents. This is not far behind the share of respondents who cited CISOs (14%) and CIOs (12%).
“We are seeing a shift towards a shared responsibility for security across organizations, with increased focus on embedding security measures throughout all projects,” continued Erwin.
“Companies that bake in security and establish strong partnerships with security organizations early in a product development process are in a better position to deal with emerging threats and recover more quickly from attacks.”