The document summarizes the findings of a survey conducted by Ponemon Institute on the state of cyber incident response programs. Some key findings from the survey include: organizations are ill-prepared to respond to cyber threats, cybersecurity budgets dedicate a low percentage to incident response preparedness, and network audit trails are seen as the most effective tool for detecting security breaches. The document recommends that organizations build dedicated incident response teams, assess team readiness, use metrics to measure effectiveness, and foster information sharing.
3. About Ponemon Institute
The Institute is dedicated to advancing responsible information management practices
that positively affect privacy and data protection in business and government.
The Institute conducts independent research, educates leaders from the private and
public sectors and verifies the privacy and data protection practices of organizations.
Ponemon Institute is a full member of CASRO (Council of American Survey Research
Organizations). Dr. Ponemon serves as CASRO’s chairman of Government & Public
Affairs Committee of the Board.
The Institute has assembled more than 60 leading multinational corporations called the
RIM Council, which focuses the development and execution of ethical principles for the
collection and use of personal data about people and households.
The majority of active participants are privacy or information security leaders.
3
4. About our sample
A scientific sampling frame of 20,446 experienced IT and IT security practitioners located in all
regions of the United States and United Kingdom were selected as participants to this survey.
To ensure knowledgeable responses, all participants in this research have some level of
familiarity and involvement with their organization’s CSIRT activities. Seven hundred and
ninety-three respondents completed the survey. Screening and reliability checks removed 119
surveys. The final sample was 674 surveys (or a 3.3 percent response rate). US sample
contained 357 and UK sample contained 317 qualified respondents, respectively
Sample response
Freq
Pct%
20,446
100%
Total returns
793
3.9%
Rejected and screened surveys
119
0.6%
Final sample
674
3.3%
Sampling frame
4