IBM: Cybersecurity incident responders lead the cyberwar frontline
- Sense of duty to protect others is one of the main reasons respondents entered Incident Response
- The growth of ransomware has worsened the psychological burdens related to cybersecurity events
Taking a cybersecurity incident response strategy seriously can make it easier to recover from attacks and, in the process, realign consumer relations.
An organization’s ability to recognize and respond to security issues and events is crucial when reputation, money, and consumer trust are on the line. Organizations must have an incident response strategy in place, regardless of how big or small the breach is, to reduce the chance of falling victim to the latest cyberattack.
Particularly during Cybersecurity Awareness Month, when cybercriminals hunt for loopholes to exploit and wreak havoc. Fortunately, the incident responders do acknowledge the significance of other parties in the cybersecurity industry.
Cybersecurity incident responders have a sense of duty
In light of the growing convergence between physical and digital worlds, IBM Security has released the findings of a global survey that explores the crucial function of cybersecurity incident responders. According to the study published during National Cybersecurity Awareness Month, incident responders—the frontline responders to cyberattacks—are primarily motivated by a strong sense of duty to protect others.
However, this duty is becoming more and more difficult to fulfil in light of the rise of disruptive attacks, such as ransomware attacks and the more recent emergence of wiper malware.
Organizations that are crucial to supply chains, the movement of products, and the global economy have become the top targets for disruptive attacks. IBM Security X-Force noted that ransomware attacks against manufacturers — including food, medical devices, autos, and steel — increased more than any other sector in 2021, quadrupling against energy businesses from the previous year.
Incident responders in these businesses are under increased pressure to protect the digital front line as hackers jeopardize vital services that people depend on daily. In fact, according to 81% of respondents, the growth of ransomware has worsened the psychological burdens related to cybersecurity events.
The global survey of over 1,100 cybersecurity incident responders in 10 markets, carried out by Morning Consult and supported by IBM Security, uncovered trends and challenges that incident responders face due to their line of work. Key highlights include:
- A sense of duty – A sense of obligation to protect, and the chance to assist people and businesses, drew more than one-third of incident responders into the field.
- Engaging in various battles –In response to a recent increase in cyberattacks, 68% of those who responded to the study said it was common to be assigned to two or more overlapping events simultaneously.
- Impact on day-to-day life – With two thirds (67%) of incident responders reporting daily stress or anxiety, the high demands of cybersecurity engagements also have an impact on their personal lives. Despite these challenges, the majority said they have a reliable support network.
According to Laurance Dine, Global Lead, IBM Security X-Force Incident Response, the growing risks to the public’s safety and the stress on the market are a result of the real-world effects that cyberattacks are now causing. “Incident responders are the frontline defenders standing between cyber adversaries causing disruption, and the integrity and continuity of critical services. IBM salutes all IR team across the cybersecurity community, and the essential role they play in defending the digital front line,” she added.
A disruptive battle
Cyberattacks have evolved over the past few years, becoming more destructive and frequent. Between 2020 and 2021, the number of cybersecurity incidents handled by the IR team at X-Force increased by over 25%.
As a consequence, businesses might not have the resources to mitigate and recover from cyberattacks, while many IR teams are compelled to fight on many fronts. According to the IBM study, 68% of incident responders frequently need to address two or more cybersecurity events at once, underscoring how active the industry is.
Therefore, it is crucial to be aware of the status of their infrastructure. Businesses can use simulation exercises to assess their level of preparation, not only to understand how their teams will respond to an attack, but also to provide opportunities to properly integrate multiple teams involved in a cyber incident.