By 2018, 40 percent of large enterprises will have some type of plan to respond to aggressive cybersecurity business disruptions, a drastic increase from zero percent in 2015, according to the Gartner research group.
Gartner describes an aggressive business disruption attack as a coordinated and sophisticated effort to interfere with and damage business operations - wiped data, servers knocked offline, intellectual property stolen.
"Entirely avoiding a compromise in a large complex enterprise is just not possible, so a new emphasis toward detect and respond approaches has been building for several years, as several attack patterns and overwhelming evidence support that a compromise will occur," said Paul Proctor, VP and distinguished analyst at Gartner. "Preventive controls, such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program."
Realistically, cyberattacks on a large scale remain low, according to Gartner, but companies understand they should have some sort of plan in place. Instead of trying to keep cybercriminals out, security experts are largely recommending a plan for when an intrusion takes place.