Security incident recovery times are over 7 months on average


Organizations are taking almost a month longer to recover from cybersecurity incidents than they did a year ago, and 25% longer than expected, a Fastly survey has found.

This year, businesses report taking an average of 7.3 months to recover from cybersecurity breaches, substantially more than their anticipated timeline of 5.9 months.

And recovery times were even worse for companies that told Fastly they were planning on cutting back cybersecurity spending. These firms faced an average of 68 incidents each during the last year – 70% more than the average – and their recovery times stretched to 10.9 months.

"Full recovery from breaches is not getting any faster. The revenue, reputation, and time lost damages business relationships permanently and drains resources from other areas of the business," said Marshall Erwin, CISO at Fastly.

"With attacks not diminishing and the possibility of further high-profile slip-ups always present, it's crucial that any changes businesses are now making to cybersecurity strategies fit within a holistic plan and aren't knee-jerk reactions."

Nearly nine in ten businesses say they are planning to increase investment in security tools over the next 12 months – 11% more than last year.

However, Fastly says many are re-evaluating their choices, with four in ten expressing concerns about the reliability and software quality across their security stack and three in ten saying they've considered changing vendors. The vast majority say they have changed their approach to testing and rolling out updates in response to major reliability incidents.

When it comes to software security, there's a trend toward giving platform engineering teams a say in the choice of app security solutions, with one in five saying that the platform engineering approach to software security was a priority.

This means they've been taking some of the blame when things go wrong, with platform engineering teams held responsible for 8% of cybersecurity incidents, only slightly less than CISOs at 14% and CIOs at 12%.


"Cybersecurity spending is under the microscope as businesses continue to feel unprepared dealing with an evolving threat landscape. We are seeing a shift towards a shared responsibility for security across organizations, with increased focus on embedding security measures throughout all projects," said Erwin.

"Companies that bake in security and establish strong partnerships with security organizations early in a product development process are in a better position to deal with emerging threats and recover more quickly from attacks."

A recent report from IBM found that only 3% of firms were able to fully recover from a security incident in less than 50 days, with the average being 100 days. More than one in ten said they had not managed to fully recover at all.

Emma Woollacott

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.