The Business Continuity Institute (BCI) has announced that Tim Janes Hon FBCI will be the new vice chair of the Board of Directors at the organisation, as voted for by fellow members of the Global Membership Council. Janes takes over from James McAlister FBCI who becomes chair following the end of David James-Brown FBCI’s two years in charge.
A director at Risk Management Design in Australia, Janes has previously served as one of the Membership Directors on the BCI’s Board and as the representative for Australasia on the BCI’s Global Membership Council.
On taking up the new role, Janes commented: “This is an exciting time to be elected as the new vice chair of the BCI. We have a new executive director in office and great plans for enhanced member services and international growth. Recent world events have shown how political, social and economic ‘certainties’ can be overturned. I think these conditions, when taken together, will present many opportunities for our profession to show how we actively help organisations to manage through unfamiliar and disruptive challenges. My goal is to help the BCI in providing practical and effective support for all members in this dynamic global environment.”
Cyber Resilient Organisation Study
Speaking of disruptive challenges, according to a new study carried out by The Ponemon Institute on behalf of Resilient (an IBM company), two thirds of organisations are not prepared and ready to recover from a cyber attack, while only a third of organisations feel they have a high level of cyber resilience in place.
The Cyber Resilient Organisation Study finds that 75% of respondents admit they don’t have a formal Cyber Security Incident Response Plan (CSIRP) that’s applied consistently across the organisation. Of those with a CSIRP in place, 52% have either not reviewed or updated the plan since it was put in place, or have no set agenda in place for doing so. Additionally, 41% say the time to resolve a cyber incident has increased in the past 12 months, compared to only 31% who say it has decreased.
“This year’s cyber resilience study shows that organisations globally are still not prepared to manage and mitigate a cyber attack,” said John Bruce, CEO and co-founder of Resilient. “Security leaders can drive significant improvements by making incident response a top priority and focusing on planning, preparation and intelligence.”
Common barriers uncovered
The study also uncovers common barriers to cyber resilience. The majority of respondents – 66% – say “insufficient planning and preparedness” is the top barrier to cyber resilience. Respondents also indicate that the complexity of IT and business processes is increasing faster than their ability to prevent, detect and respond to cyber attacks, in turn leaving businesses vulnerable.
This year, 46% of respondents say the “complexity of IT processes” is a significant barrier to achieving a high level of cyber resilience, which is up from a figure of 36% in 2015. 52% say “complexity of business processes” is a significant barrier, up from 47% in 2015.
“While companies are seeing the value of deploying an Incident Response Plan, there’s still a lag in having the appropriate people, processes and technologies in place,” said Dr Larry Ponemon. “We’re encouraged that this is now becoming a more important part of an overall IT security strategy.”