Do your 2024 plans include steps to improve your cyber security incident response plan? If so, what steps are you planning to take?

2.4k views2 Comments

Sort by:

Director of Cybersecurity Data and App Protection in Healthcare and Biotech2 years ago

We use table top exercises, purple team, and red team activities to continuously pressure test our processes, people, and tools. All of that activity leads to improvements in incident response plans, but also the tools and people as well.

Director of Systems Operations in Healthcare and Biotech2 years ago

One would hope every year the plan is to continuously update the incident response plan, and communication improvements is always high on the list. New employees, new proceses, new procedures, redefining the communication strategy is essential.

Content you might like

Are you confident your org is tracking/reporting the right cyber metrics?

Completely confident (we’re tracking all necessary metrics)17%

Very confident (only minor improvements needed)53%

Mostly confident (some gaps to be addressed)23%

Sort of confident (significant room for improvement)8%

Not confident (major changes required)

View Results

What adjustments are you planning to make to your org’s cyber budget for 2026 (if any)?

What's the most important friction in deploying Robotic Process Automation (RPA) in your company?

Cost of RPA products25%

Lack of developers who can code RPA applications43%

Amount of customization needed to automate business processes27%

Lack of RPA code maintenance resources4%

View Results

When it comes to running phishing simulation campaigns. What is the best practice on how often they should be run and at what cadence should phishing simulation emails be sent out? Some organizations only run a campaign once per quarter sending out a simulated phishing email about once per week while other organizations run continuous campaigns sending out phishing simulations about once every 2 weeks. What are other organizations doing and what is the best practice?

What sorts of challenges have you encountered in adapting your governance framework to address AI adoption across business units, and how are you attempting to resolve these?