According to The Third Annual Study on the Cyber Resilient Organization by IBM Security and the Ponemon Institute, less than one-fourth of the 2800 respondents said they had a formal cybersecurity incident response plan (CSIRP). Also, a similar number expressed not having a Chief Information Security Officer (CISO) or security leader. Around half the respondents claimed to have an informal incident response plan or no plan in existence and more than three-fourths of the respondents highlighted the difficulty to recruit and retain IT security professionals.
CIO Review mentioned CynergisTek and our annual report in the following article.