UK firms foot the bill failing to learn from IT incidents.
The average business deals with hundreds of security incidents weekly, but a new report suggests more can be done to stave off future costly attacks.
The data showed 13.3% of all UK incidents are repeats of previous security breaches, compared to 17.2% globally. Almost all those surveyed globally (96%) said failure to learn from previous incidents through effective root cause analysis lead to the problem recurring. Moreover, the research found more duplicate and repeat incidents correlated with higher costs to IT.
Typically, a British firm logs in the region of 2,533 incidents each month, with critical security breaches labelled severity 1, priority 1 or P1 numbering around 5, according to the report commissioned by Splunk and carried out by Quocirca.
The UK saw a ranking of 3.5, lower than the global average of 5.
The average cost to deal with a critical IT incident in the UK firm is £22, 371. When it come to the business cost to the organisation, this rises to £58,955. Looking at the global figure the mean cost is $36,326, which rises to $105,302 when it comes to downstream business cost.
Increasingly complex IT infrastructure, including virtualization, containerisation and cloud services can precipitate more weak spots for security. On top of that, nearly three-quarters (70%) of respondents globally said a critical incident has caused reputational damage to their business.
It is thought IT monitoring software which can collect and analyze incident data could reduce the reccural rate. Another factor is the average time it takes to resolve an incident, which the research found to be 5.1 hours, just lower than the global average of 5.8. Just one in five companies felt their mean time to detect incidents was as fast as it could be.
“Today’s IT environments are more complex than ever, spanning data centers, cloud services and on-the-edge devices such as mobile and IoT,” said Rick Fitz, senior vice president of IT Markets, Splunk, who commissioned the research.
“Because systems are often siloed, IT can struggle to collect and correlate information, making it difficult to monitor infrastructure and rapidly troubleshoot problems.”
Quocirca carried out its research across USA, Japan, Singapore, Australia, Sweden, Netherlands, Germany, France and UK, surveying employees from a range of business sizes and sectors.