Survey finds companies are still not prepared for major security incidents

Survey finds companies are still not prepared for major security incidents

371 readers like this
CVE explained

They say you never miss something until it's gone. That's especially true when it comes to corporate networks. And with outage incidents on the rise, top executives at most companies are now focusing on major incident management as they never did before.

That's the finding of a newly released survey of 400 IT professionals at large companies, conducted by the research firm Dimensional Research on behalf of the cloud communications company xMatters. The vast majority of survey respondents, 82 percent, reported that they and the C-Suite are in alignment when it comes to dealing with major incidents. Perhaps top executives are now focusing on incidents because there are so many of them. In the survey, 90 percent of respondents reported incidents several times a year, and 60 percent said they had major incidents every month.

But although incidents are more frequent, most companies still aren't well prepared to deal with them. Only 52 percent of respondents had a dedicated response team in place to deal with incidents and only 44 percent had dedicated staff members for whom incident resolution was a full-time job. At the same time, respondents admitted, their IT organizations were not up to snuff on preventing or managing outages. Of the respondents who have service level agreements (SLAs) their departments are supposed to meet, 75 percent reported failing to meet them. And of those who have target incident resolution times for solving IT problems, 76 percent reported that they frequently fail on those metrics as well.

As in many situations, communication matters almost more than service, the survey found. More than half of respondents reported that business stakeholders were more frustrated by a lack of timely communication about an incident than they were by the incident itself.

Nobody likes an outage, and it appears we're having too many of them. Smart CIOs should respond by exploring the possibility of creating a dedicated response team. And whatever you do, make sure communications are open, immediate, and clear when something goes wrong.

You can learn more about survey results here.

Minda Zetlin is a business technology writer and columnist for She is co-author of "The Geek Gap: Why Business and Technology Professionals Don't Understand Each Other and Why They Need Each Other to Survive," as well as several other books. She lives in Snohomish, Washington.

7 New CIO Rules of Road

CIOs: We welcome you to join the conversation

Related Topics

Submitted By David. F. Carr
January 17, 2020

Down-to-earth offshoots of artificial intelligence are increasingly accessible for digital transformation work. These projects tapped into machine learning – with existing talent. 

Submitted By Carla Rudder
January 16, 2020

IT leaders and experts share the subtle and not-so-subtle signs of IT burnout - and how to get yourself and your team members to a healthier place.

Submitted By Cedric Wells
January 16, 2020

By putting Millennials in more strategic and leadership roles, you could advance IT innovation and digital transformation. Here are 3 questions to ask about how well you're utilizing Millennials 


Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.