Darkreading.com reported about the results of the February 2019 report from the Ponemon Institute and commissioned by Experian “Is Your Company Ready for a Big Data Breach?” which “polled 643 professionals in IT and IT security on their organizations’ data breach response practices…[less] than half (47%) educate employees on spear-phishing.”  The March 5, 2019 report entitled “Incident Response: Having a Plan Isn’t Enough” included these comments:

Most (92%) companies have a data breach notification plan in place.

The problem is, most companies with a breach response plan fail to adapt to change.

Forty-two percent of respondents have “no set time period” for reviewing and updating their response plans, and 23% haven’t reviewed or updated their plans since it was put in place.

Some types of security incidents pose a greater challenge than others. Only 21% of respondents expressed confidence in their ability to handle ransomware attacks, and 24% said the same for spear-phishing, researchers found.

What do you think about the results of Ponemon’s report?