Security Pros Not Confident In Their Incident Response Plans, Study Says

Enterprises suffer an average of two breaches a year, but only a third of IT professionals are completely confident in their incident response plans, according to a study published earlier this week.

According to a study conducted by data recovery and forensics service provider Kroll Ontrack, about three-quarters of U.K. organizations that have an incidence response plan say their plan is "effective" to some degree, but only 25 percent say their plan is "very" effective. About a third of U.S. organizations called their plans "very" effective.

The average number of data breaches per organization each year in the U.K. is 1.53, which rises to 1.99 in the U.S. In the U.S., IT professionals have a higher estimate of the number of breaches than their legal counterparts in incident response.

About one in five U.K. organizations (21 percent) and a quarter (24 percent) of U.S. organizations say they have not conducted a vulnerability assessment in the past year.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.