This is the fifth of a six-part blog series that highlights findings from a new Mend white paper, Five Principles of Modern Application Security Programs. Be sure to look out for our upcoming blogs on each of the five principles.
While IT and security professionals all generally agree that cyberattacks are on the rise, there remains a great deal of disparity in how they choose to prepare for those attacks. Without question, though, the teams that are best prepared are those with robust cybersecurity incident response plans (CSIRPs).
Put simply, CSIRPs are formal plans that provide instructions for incident response, planning, and ongoing management, with the overarching goal of limiting the consequences from a malicious cyberattack. Developing a CSIRP enables teams to clarify individual roles, organizational policies, and industry standards when responding to a cybersecurity threat.
However, only a quarter of organizations consistently apply a CSIRP across all departments. Perhaps more telling, organizations tend to develop CSIRPs based on the types of attacks they expect. In 2021, for instance, research shows that companies worldwide had incident response plans for:
The most concerning of those statistics is that less than a third of companies have CSIRPs for supply chain attacks, which have the potential to cause exponentially more damage than other attacks. This was evidenced in the SolarWinds attack, which provided attackers with a ripe one-to-many opportunity. By attacking SolarWinds, attackers were then able to access 18,000 SolarWinds customers, including the US Justice Department, State Department, NASA, and Fortune 500 companies like Microsoft.
In 2021, supply chain compromises accounted for 19 percent of attacks, and that number is expected to continue to grow. But the importance of CSIRPs for the supply chain becomes even more pronounced when considering that attacks against the supply chain take 26 days longer to identify and contain than other attacks, and the cost of such compromises is $4.5 million – higher than the average cost of other data breaches.
CSIRPs also are a vital part of an organization’s cyber resilience, as well. In fact, organizations that regularly update and review their incident response plans improve cyber resilience by almost 50 percent. CSIRPs build cyber resilience as organizations design a framework that integrates backup solutions with associated governance and procedures to secure business-critical systems.
When organizations create, test, review and update their CSIRPs according to plan, they improve cyber resilience by gaining better insight into applications and data assets. Likewise, they gain the ability to more quickly identify vulnerabilities and apply patches when needed.
Learn more about what IT and security teams can do to prevent application attacks by downloading a copy Five Principles of Modern Application Security Programs today.