An article on SC Magazine reports that 40 percent of large organizations will have formal plans to address “aggressive” cyber-security business disruption attacks by 2018, according to research outfit Gartner.
In its new 'Attack on Sony Pictures Is a Digital Business Game Changer' report, the firm says that there are currently no companies adopting such a strategy, which would see CISOs and business continuity managers (BCMs) increasingly move from prevention to detecting and responding to attacks.
Gartner's research was following up last year's data breach at Sony Pictures and the outfit describes these attacks as ones which cause a prolonged disruption to internal or external business operations.
Mark Kedgley, CTO, New Net Technologies comments: "We are already seeing the effect referred to by Gartner, whereby information security breaches like Sony 'institutionalize more proactive thinking about cyber-security risks' but it is time to get real with respect to breach prevention and plan for the inevitable successful attacks.
"Previous research from Gartner suggests that cyber security is being taken more seriously than before with security investment to jump 30% over the next two years.
"So as organizations begin to realize that cyber espionage, coercion, and disruption will be more widely used against all sizes of businesses across every industry sector - not just digital businesses - a Stop the Breach/Spot the Breach strategy then needs to follow. Right now there is still a reluctance to accept that total prevention of attacks is unrealistic, but this needs to change now.
"Of course, breach detection is unworkable without co-ordinated change control and this has often been where secure operations have come unstuck in the past. Fortunately, innovations in File Integrity Monitoring now provide the detailed visibility required for breach detection while removing the background noise of regular patching activities.
"Hopefully attitudes to security can be brought up to date too."