Survey finds companies are still not prepared for major security incidents

Survey finds companies are still not prepared for major security incidents

205 readers like this


December 17, 2015
CIO Security

They say you never miss something until it's gone. That's especially true when it comes to corporate networks. And with outage incidents on the rise, top executives at most companies are now focusing on major incident management as they never did before.

That's the finding of a newly released survey of 400 IT professionals at large companies, conducted by the research firm Dimensional Research on behalf of the cloud communications company xMatters. The vast majority of survey respondents, 82 percent, reported that they and the C-Suite are in alignment when it comes to dealing with major incidents. Perhaps top executives are now focusing on incidents because there are so many of them. In the survey, 90 percent of respondents reported incidents several times a year, and 60 percent said they had major incidents every month.

But although incidents are more frequent, most companies still aren't well prepared to deal with them. Only 52 percent of respondents had a dedicated response team in place to deal with incidents and only 44 percent had dedicated staff members for whom incident resolution was a full-time job. At the same time, respondents admitted, their IT organizations were not up to snuff on preventing or managing outages. Of the respondents who have service level agreements (SLAs) their departments are supposed to meet, 75 percent reported failing to meet them. And of those who have target incident resolution times for solving IT problems, 76 percent reported that they frequently fail on those metrics as well.

As in many situations, communication matters almost more than service, the survey found. More than half of respondents reported that business stakeholders were more frustrated by a lack of timely communication about an incident than they were by the incident itself.

Nobody likes an outage, and it appears we're having too many of them. Smart CIOs should respond by exploring the possibility of creating a dedicated response team. And whatever you do, make sure communications are open, immediate, and clear when something goes wrong.

You can learn more about survey results here.

Comments 0
Minda Zetlin is a business technology writer and columnist for She is co-author of "The Geek Gap: Why Business and Technology Professionals Don't Understand Each Other and Why They Need Each Other to Survive," as well as several other books. She lives in Snohomish, Washington. Find her at  

Harvard Business Review: IT Talent Crisis: Proven Advice from CIOs and HR Leaders

CIOs: We welcome you to join the conversation

Related Topics

Submitted By MIke Bursell
June 22, 2018

Is this the right cloud service for my workload? We break down how to answer a key hybrid cloud security concern.

Submitted By Carla Rudder
June 21, 2018

Can you end meeting dread by having stand-up meetings? IT leaders say it's not as hard as you'd think - and delivers big benefits.


Submitted By Robert Reeves
June 21, 2018

IT leaders tend to focus on "minimum," while business leaders focus on "viable." Here's how to stop miscommunication from ruining your transformation efforts.



Email Capture

Keep up with the latest thoughts, strategies, and insights from CIOs & IT leaders.