Help

BI’s Article search uses Boolean search capabilities. If you are not familiar with these principles, here are some quick tips.

To search specifically for more than one word, put the search term in quotation marks. For example, “workers compensation”. This will limit your search to that combination of words.

To search for a combination of terms, use quotations and the & symbol. For example, “hurricane” & “loss”.

Login Register Subscribe

More companies forming data breach plans, but effectiveness questioned: Study

Reprints
More companies forming data breach plans, but effectiveness questioned: Study

While more companies have data breach response plans and teams in place, only 30% of executives rate their firms as effective in developing and executing them, says a study issued Wednesday by Ponemon Institute L.L.C.

The study by the Traverse, Michigan-based research firm of 567 executives found that 73% of companies have data breach response plans in place, compared with the 61% who said they did in the 2013 survey.

The percentage of firms that had data breach response teams increased to 72% from 67% in 2013, according to the survey, which was sponsored by Experian Data Breach Resolution, a unit of Costa Mesa, California-based Experian Information Solutions Inc.

Only 9% of executives, however, rated the development and execution of their companies' plan as very effective, while 21% said it was effective, 23% said it was somewhat effective, 30% said it was not effective and 17% were unsure.

The survey also found that 41% of the time, there is no set time for reviewing and updating the plan, while 37% said they have not reviewed or updated it since it was put in place.

Commenting on this, Michael Bruemmer, vice president at Experian Data Breach Resolution, said, “It is not enough to write plan,” there must be “live exercises.” Otherwise, he said, it is akin to having a fire evacuation plan but not holding a fire drill.

Meanwhile, data breaches have increased in frequency, with 43% of executives saying their company had a data breach in 2014, compared with 33% who reported breaches in the 2013 survey.

The survey also found cyber insurance policies are becoming a more important part of companies' preparedness plans, with 26% reporting they have such a policy, compared with the 10% who reported having one in 2013.

Read Next