© PAC 2015
Incident Response Management
How European Enterprises are Planning to Prepare for a
Cyber Security Breach
Premium Sponsor of the study:
Preface
Arthur Wong, Senior Vice President of Enterprise Security Services
Every day, we are learning that the current, technology driven approach to information is no longer sufficient to keep up with advancing
threats. That model is giving way to a more cognizant, proactive approach that leverages robust threat intelligence, optimized and
integrated technical controls, global monitoring and incident response to identify, prepare for and react to threats. We believe this
approach is quickly becoming a necessity, evidenced by the results of this survey.
In our day to day interactions, IT leaders are citing limited staff to keep up with threats, lagging skills of existing staff and a shrinking
talent pool as stifling their ability to, not only ensure a secure environment, but hampering their capabilities to adapt to new styles of
business that drive opportunities for their organizations.
Many organizations have compensated by focusing on securing the infrastructure only and restricting the flow of data to end users. The
thinking here is that by securing the infrastructure, we are keeping the bad guys out, and can conceal the fact that the security
fundamentals haven’t been addressed. This is seriously flawed thinking and a throwback to the reactive, locked gates of a decade ago.
Facing these challenges calls for a new approach to Cyber Defense.
A new school of thought. One that challenges our thinking to help us protect what matters most – the users, the applications and the
information.
HP – company profile
HP Enterprise Security Services – Protecting Organizations around the Globe
HP’s comprehensive approach to enterprise security services includes Security Consulting and Managed Security Services
that focus on disrupting adversaries, managing risk and extending in-house capabilities. Built on a global network of 10
security operations centers and more than 5,000 IT security experts, HP works with customers to strengthen the
organizational security posture to minimize incidence impact and control costs while expanding insight for better decisions.
Additional information about HP Enterprise Security Services can be found at www.hp.com/enterprise/security.
www.hp.com/go/fightback
Agenda
Introduction and Key Findings
A snapshot of Incident Response
Preparing for a cyber breach
Resourcing for Incident Response
Conclusions
Introduction
Suffering a major breach is a near-certainty. Research from a
variety of sources shows that the average firm will suffer one major
breach each year. The consequences of a major breach include loss
of IP, availability, customer service, revenue and reputation. And the
fines for data protection non-compliance are set to soar under the
upcoming GDPR and NISD regulations, with mandatory breach
reporting due to be introduced from 2017.
Responding to an incident quickly and effectively is a complex
process, involving technical, communications & management staff.
And the world is watching as you respond.
Our hypothesis for this study was that enterprises are struggling to
cope with Incident Response. We wanted to investigate the extent
to which firms are experiencing cyber breaches, and if so how
organisations are prepared for this eventuality. Are cyber breaches
inevitable?
We were also interested in how firms cope with the skills shortage,
and if they use technology and/or outsourced services to deliver
Incident Response. Do firms seek to offset cyber breach risk,
through a combination of IR planning and Cyber Risk insurance?
We surveyed 200 decision makers in large companies in the UK,
France and Germany, to understand their motivations and drivers
with regard to Incident Response.
This study deals with the following questions:
●  To what extent are firms being breached, and what is their
broad approach to responding to such incidents?
●  Do companies understand the importance of IR? Do they have
a defined and tested IR plan?
●  Are they adjusting their cyber security spend, or allocating new
budget, in order to fund an IR programme?
●  Do they test their IR regularly and update processes
accordingly? Do they follow best practices?
●  Do they use an IR management tool? Do they outsource IR
capability? Are they aware of the impending NIS and GDPR
regulatory changes?
●  Is their technical IR plan integrated with business and
communications contingency planning?
Key Findings
Most organisations suffered a breach last year
67% of organisations surveyed reported that they had suffered a cyber breach in the last 12 months. In addition, all (100%) firms surveyed said that they had experienced a cyber breach at some point in the past. From this we can assert that all organisations will experience a cyber breach at some point, with a high likelihood that this will occur within any 12 month period. This shows that a breach is - to all intents and purposes - inevitable.
Security spend is shifting towards Incident Response
Traditionally, cyber security has focused on Prevent & Protect approaches such as firewalls, endpoint protection and defences against DDoS attacks. With the inevitability of a breach, it makes sense to migrate spend towards detecting a breach quickly, and to minimise the impact of that breach through remediation as soon as possible.
Are firms really ready for cyber breaches?
86% of firms claim a high state of readiness for cyber breaches. This is good news, but only as far as it goes. This study reports that 39% of respondents do not have a cyber readiness plan, bringing into question their true state of readiness. Furthermore, only 30% of firms that do have a plan test it monthly. Most test it quarterly, but given the dynamic and complex nature of the cyber threat landscape we think companies should test their incident response plans more often.
Most organisations outsource Incident Response
With most cyber security activities, CISOs prefer to keep operations in house, as they fear a loss of visibility and control. But with incident response, there seems to be a preference towards outsourcing capability. This allows organisations to source expertise in a timely fashion without incurring too much cost.
Technology support for Incident Response is emerging
We asked our respondents whether they use technology to support incident response. Two-thirds of organisations do use some technology in this way, but most that do use in-house developed solutions or a patchy variety of existing technologies. A new category of software is beginning to emerge that is specifically designed to support incident response operations.
About the Study
200 survey respondents in Western Europe
Respondent roles: 65% CIO/VP IT, 35% CISO
Survey conducted between Apr-May 2015
All respondents had over 1,000 employees
Countries surveyed: UK, FR, DE (chart shares of 33%, 35% and 33%)
Respondents by sector:
Others 8%
Services 12%
Healthcare 4%
Retail 9%
Manufacturing 14%
Education 15%
Public Sector 24%
Financial Services 17%
The cyber landscape: Bad and getting worse
64%: “The threat landscape is getting worse – there are more threats.”
28%: “We see things more or less the same as last year.”
9%: “The threat landscape is getting better”
Most organisations (64%) report that the threat landscape is getting worse. This is consistent with other reports both in the media and by cyber security vendors, including our sponsors. There is an argument that suggests that this increase is due, at least in part, to better monitoring and detection. But the sheer volume of attacks confirms that the increase is real and continues to grow.
The 28% of organisations that see things more or less the same as last year should not be discounted. While they see no notable increase in the threat landscape, neither do they see it diminishing. So at best the situation is static. This is important, as we shall see, because the threat level is already high with a strong likelihood of a breach occurring.
There are some interesting differences between countries in the view of the cyber landscape. More respondents in the UK (71%) think it is getting worse, whereas 63% in Germany and only 55% in France concur. A mere 1% of firms in the UK reported an improving situation, but 8% of German respondents and a notably high 17% of French firms report an improving cyber landscape. This variance has implications for software and services providers in their approach to the three countries we surveyed in this study.
Measuring the threat
Q. How do you measure the cyber landscape?
Having asked the respondents whether they see the threat landscape increasing or decreasing, it is interesting to understand exactly how they measure the threat levels. Most organisations use the absolute number of threats to measure the threat landscape, but in addition they also use other measures.
The second most common measure is the type of attackers. This refers to a broad segmentation of attackers: nation states, cyber criminals and hacktivists. The reason that organisations are interested in these types is that cyber criminals tend to be more opportunistic, whereas nation states are usually the source of advanced persistent threats (APT). These are targeted attacks, meaning that the threat is likely to be sophisticated and sustained over a long period of time. Understanding these differences in motivations then dictates defensive strategies and detection approaches.
A majority of organisations also consider the potential impact on their business as a measure of the threat landscape. This is an indicator that a more risk-based approach to cyber security is on the increase.
[Chart: measures used. Categories: Number of threats by type; Number of attackers; Type of attackers; Severity of attacks; Potential impact on your organisation; Number of threats. Values shown: 55%, 49%, 49%, 59%, 66%, 74%.]
Anatomy of a Cyber Breach Incident
67% of firms have had a cyber breach in the last year, and 100% report a breach at some time in the past
€75k: average cost of most severe breach in last year
Firms require between one and six man months to recover from a breach
69% of breaches are discovered between one and six months after attack
[Chart: Breach severity (V.High, High, Med, Low) and how the breach was discovered (We were alerted by the media; We found it ourselves; We were alerted by a third party; We used a 3rd party monitoring service). Values shown: 23%, 37%, 1%, 21%, 43%, 9%, 35%, 34%.]
A fundamental shift in security spending
Q. What is the split today of spend between planning, preparing and prevention versus detection, response and recovery? And how do you see this changing over the next two years?
Most organisations have built their cyber security approach around protecting the perimeter and preventing attacks. However, as we have seen, cyber breaches still occur. This means that organisations have spent most of their budget on measures that have, ultimately, failed to do what they were bought to do. Most organisations take between one and six months to discover an attack, meaning that the perpetrator has been inside the organisation long enough to cause damage or to extract information.
The shift in spend towards a Detect & Respond approach is therefore a reaction to the inevitability of a cyber breach. We see this as a re-balancing of cyber security spend to a more appropriate split of operational attention. While the focus on Prevent & Protect needs to be maintained, looking for breaches and quickly remediating them has increased in priority.
[Chart: split of spend, average and median figures]
Prevent & Protect: 77% and 75% today; 61% and 60% in 2 years
Detect & Respond: 23% and 25% today; 39% and 40% in 2 years
A balance of strengths and challenges
Q. Where do you consider your organisation’s key strengths in its response capabilities?
Q. And where do you see its key challenges?
Respondents indicate that technology is regarded as the key area of capability. This reflects the traditional approaches to cyber security, being technology-based as opposed to skills-based.
Interestingly, despite much talk in the media about the cyber security skills shortage, most organisations believe that their in-house capacity and skills are a strength.
Not surprisingly, organisations see their key challenges in areas where they have least strength. So the emergence of threat intelligence is creating a challenge for them. We think this is partly to do with the confusion surrounding the sourcing of threat intelligence and its effectiveness, and partly to do with firms’ ability to contextualise and make sense of the intelligence relating to their own organisations.
Availability of skills remains a challenge for many organisations, as does in-house capacity. Both of these relate to generic cyber security skills but, as we shall see, the skills required for incident response are so specific that they prompt an uncommon way of resolving this resource issue.
[Chart: strengths and challenges. Categories in each panel: Technology; In-house capacity; Threat Intelligence; Cyber security skills. Values shown: 38%, 35%, 29%, 21%; 68%, 59%, 53%, 46%.]
Regulatory awareness and impact
Q. How aware are you of the incoming EU cyber security and data protection legislation?
NIS Directive: 53% very aware, 47% somewhat aware, 0% not at all aware
GDPR: 52% very aware, 48% somewhat aware, 0% not at all aware
Q. How concerned are you at the prospect of Mandatory Breach Notification?
Very concerned: 37%
Somewhat concerned: 40%
Not at all concerned: 16%
Uncertain as to the impact on my organisation: 8%
The General Data Protection Regulation (GDPR) and the Network And Information Security Directive (NISD) have had much media attention over the last 12 months. So it is no surprise that all of our respondents said that they were at least somewhat aware of both of these initiatives, and the majority were very aware. This is extremely encouraging, as the impact of these changes in EU legislation, both individually and collectively, is extensive. One of the key concepts embedded in both GDPR and NISD is Mandatory Breach Notification, which compels firms to inform regulators in the event of a breach. Seventy-seven per cent of firms surveyed are concerned at this prospect, largely because of the implications for preparing their approach to incident response. The next section in this report examines in more detail how organisations prepare for a breach.
How prepared are you for a cyber breach?
It's a case of good news followed by bad news, when it
comes to preparedness for a cyber breach. An extremely
healthy 86% of organisations say that they are very or
somewhat ready for a cyber breach. However, readiness
clearly means different things to different firms: 39% do not
have a cyber readiness plan. How an organisation can
claim readiness without having a plan to describe what
readiness means or how to test it is a clear indication of the
variability of maturity across organisations when it comes to
incident response.
Frequency of testing a plan is also highly variable. Only
30% of firms that have a plan test it monthly or more
frequently. Most (65%) test their plan quarterly, which is
common but increasingly insufficient given the rate of
change in the threat landscape. 5% of firms test their
incident response preparedness annually.
Overall, we are concerned at the state of readiness of firms
for a cyber breach. While most companies believe that they
are ready for a breach this confidence does not match the
reality of the situation. Firms are at best unaware of best
practice when it comes to incident response, and at worst
are in denial of the precariousness of their situation.
86% of firms claim they are very or somewhat ready for a cyber breach
39% of firms don’t have a cyber readiness plan
30% of those firms with a plan test it monthly or more frequently
Breach response: the priorities
Q. What do you think the main issues are with responding to cyber security incidents?
[Chart: main issues. Categories: Management Pressures; Customer Concerns; Dealing with the Media; Regulatory Concerns; Technical Issues. Values shown: 52%, 71%, 49%, 48%, 32%.]
We thought that firms’ top priority would be resolving technical issues, but this is not the case. Although 48% of organisations do regard technical issues as a priority, it is only fourth on the list of concerns.
At the top are customer concerns, in response (we think) to media attention given to high profile breaches such as Target and Sony. Protecting a firm's reputation and brand image with its customers is of primary importance, as it directly affects sales as well as competitors’ positioning.
This is why the second highest priority is on dealing with management pressures. Board awareness of cyber risk has increased markedly in the last 24 months, because a cyber outage has a negative effect on the company's performance and perception. CISOs responsible for responding to cyber breaches therefore have to deal not only with the immediate concerns surrounding remediation but also management attention.
Mitigating the risk
Q. Are you using cyber risk insurance?
Yes: 13%
No, but considering it: 43%
No, and no plans: 44%
One way of approaching incident
response is to mitigate the financial
risk by taking out cyber risk
insurance. There has been much
media attention on the subject in
the past year. However, our survey
suggests that adoption is lagging
behind this interest: only 13% of our
respondents said they are using it.
A further 43% of firms are
considering cyber risk insurance,
but 44% have no plans to introduce
it.
As seen in the US following the
introduction of Mandatory Breach
Notification, we expect the adoption
of cyber risk insurance to increase
as the introduction of new EU
legislation approaches.
Technology for Incident response
Q. Are you using any technology to assist in incident response?
We asked the respondents whether they are using any technology to assist in incident response. We were surprised to find that 61% of firms do use technology in their incident response.
However, when asked to describe this technology we get a very patchy view. The most common type of technology cited is built in-house, as opposed to a commercial off-the-shelf solution. Firms corral a wide variety of technologies to support incident response, such as SIEM, threat monitoring and network security. Clearly, these technologies are not designed for managing an organisation's incident response program.
There is some evidence to suggest that organisations are aware that more specialised solutions for incident response are available, although this is clearly still an emerging market. Awareness of such solutions appears to be low, but as spend shifts towards Detect & Respond activities we expect this to increase rapidly.
[Chart: 61% ✔ / 22% ✖. Of which: 11% built in-house, and the rest is a wide variety of existing capability delivering patchy IR coverage.]
Internal or external resourcing?
Q. How do you resource incident response?
Most organisations eschew outsourcing for cyber security. They fear loss of visibility and control of their security operations. So, typically, they use outsourcing in a cautious, risk-based and selective manner. They also outsource security as a short-term fix until they are able to back-fill resources with in-house expertise. With incident response, however, the opposite appears to be true. In our survey, 69% of firms use a combination of internal and external staff, with a further 14% using external resources exclusively.
Use a combination of internal & external staff: 69%
Use internal staff only: 18%
Use external staff only: 14%
The nature of incident response dictates that resource utilisation is unpredictable. Although all of the companies surveyed reported a cyber breach (67% in the last 12 months), the timing of a breach is indeterminable. This means that if internal staff are to be used then they are drawn from other security activities as and when the need arises. But this may impact on-going operations. So it makes sense to plan to use external resources, either retained on standby or on a more ad hoc basis.
Outsourcing – a short-term strategy?
Q. Do you see outsourcing of Incident response as an interim solution?
Outsourcing is a long-term strategy, resourced exclusively with external resourced staff: 48%
Outsourcing is a long-term strategy, resourced with a hybrid of internal and external resourced staff: 37%
Outsourcing is an interim strategy: 15%
In contrast with normal approaches to outsourced cyber security provision, our respondents see the use of external incident response expertise as a long-term strategy. This is again unusual, as most firms use external staff as an interim approach to sourcing adequate security skills. For incident response we think that organisations are building the use of outsourced resources into their incident response plans from the start, calling upon these specialist skills on a planned but as-required basis. There also appears to be a preference to use externally resourced staff exclusively, as opposed to a hybrid of internal and externally resourced staff, suggesting that firms will rely increasingly on their providers for incident response capability.
Motivations for outsourcing Incident Response
Q. Why do you use external resources?
83% of organisations surveyed use external resources for incident response, either exclusively or as a hybrid approach. But what are the motivations for using external staff? Primary in importance is the quality of service, which is perceived to be superior when using external resources. Incident response is a specialist craft requiring knowledge not only of technical aspects such as forensics, but also the softer issues such as customer communication and regulatory compliance.
But speed is also important, given that response times are a critical factor in remediation. The implication here is that it is faster to bring in external resources than it is to redeploy internal staff from other areas of operation.
Access to specialist skills is also a key driver, with 41% of firms citing lack of internal skills as a driver.
Interestingly, cost is much less of an issue than one might have thought. Only a third of the organisations surveyed cite the advantageous costs and lack of investment as drivers, while only 22% are motivated by a Capex-to-Opex shift.
[Chart: motivations. Categories: You don’t have enough investment resources; You wish to switch to OPEX; It addresses security concerns more quickly; It’s a general approach of your company; Costs are more advantageous; You don’t have enough internal skills; Quality of service is better. Values shown: 58%, 54%, 35%, 33%, 6%, 41%, 22%.]
Is Cyber Response part of Business Continuity?
Q. Are your Cyber Incident Response resources linked or related to your organisation’s business continuity resources?
Yes, they are the same resource: 23%
No, but they are linked strongly: 54%
No, but they are linked informally: 24%
No they are not linked at all: 0%
As cyber security breaches impact business performance it seems reasonable to treat incident response as part of an organisation's business continuity program. And our survey indicates that this is beginning to happen: 23% of firms surveyed say that incident response and business continuity are part of the same organisation. Encouragingly, the remaining 78% of organisations have some link between incident response and business continuity, either a strong link (shared reporting lines or membership of relevant committees and working parties, for example) or an informal relationship (such as one based on personal relationships).
Inhibitors for Outsourcing Incident Response
Q. Why do you not use external resources? (n=35)
We have all the necessary internal resources: 66%
Security is too critical to outsource: 63%
I have not found suitable offers: 51%
I don‘t know what the market offers: 31%
I don‘t think that response will be better: 3%
A minority of firms surveyed use no external resource to provide incident response. Of these firms, the most commonly-cited reason for using internal resources exclusively is a sufficiency of internal resources. It is interesting to explore this in more detail: the firms reporting a high level of internal resources come mostly from the public sector, and particularly from that in the UK.
Another commonly cited inhibitor of outsourcing incident response is that security is too critical to leave to external providers. Again, the UK respondents in our survey seem to be the most reluctant to use external resources for incident response.
The survey responses indicate that providers of incident response may need to improve their marketing outreach programs: 51% of organisations that only use internal resources claim that they have not found suitable providers. And 31% simply don't know what the market offers.
What to look for in an Incident Response provider
Q. When considering a security services provider for incident response what do you look for?
[Chart: selection criteria. Categories: Local delivery team; Strong track record in cyber security; A trusted and well-known brand; Security skills & expertise; Specialist qualifications; Government accreditation. Values shown: 13%, 70%, 62%, 63%, 36%, 69%.]
We were interested to understand what organisations look for in a provider of incident response capability. The top two responses give a strong indication of what firms look for: a strong track record in security and a trusted and well-known brand. This is important, as many providers have entered the security market opportunistically due to its rapid growth. But many of these lack the credentials that enterprises seek. So established providers with references and a history of success in security (and preferably incident response) have an advantage: this should feature strongly in their marketing messages.
Not surprisingly, security skills & expertise and specialist qualifications feature highly. Qualifications can either be government-issued, such as CLAS in the UK or ESSI in France, or internationally-recognised certifications such as CISSP and ISACA. Curiously, government accreditation at the firm level (as opposed to individually held certification) is much less important.
We were surprised to see that local delivery teams are not important for incident response. One might think that data sovereignty issues would be a consideration. However, on reflection, this makes sense: incident response is a matter of urgency and requires the requisite staff to be made available more or less immediately. This means that their home location is largely irrelevant. In fact many service providers fly in their experts from a variety of locations in order to resource urgent incidents appropriately.
Analyst Conclusion
This study has shown that cyber breaches are, to all intents and purposes, inevitable. All of the companies we surveyed have
experienced a cyber breach and most have been breached within the last 12 months. Consequently, cyber security spend is
shifting away from traditional Prevent & Protect approaches towards Detect & Respond operations, resulting in a more balanced
security budget. Firms are trying to address not only the inevitability of a breach but also its impact, both in direct remediation
costs and in reputational damage. They are also attempting to reduce the time for breach discovery. With Mandatory Breach
Notification on its way linked to upcoming EU regulations, organisations are increasingly concerned at the impact of a breach and
the way it is handled. We discovered, however, that although organisations believe they are prepared for a breach many do not
have a formalised cyber readiness plan in place, nor do they test it frequently. Firms need to do more work in this area, as
preparedness for a cyber incident cannot be based simply on hope.
Over the next two years we expect to see an increase in take-up of software specifically designed to manage the IR process,
either as an alternative, or supplementary, to outsourcing. This will include both the management of IR plans and simulation of
response and mitigation activities. We will also undoubtedly see a strengthening of outsourced incident response adoption, as
firms plan for breaches by forging relationships with services providers, typically on a retainer basis. This provides the assured
service levels required to fulfill a readiness plan, while accessing rare expertise and skills and keeping costs manageable. Cyber
risk insurance, while adopted at low levels today, will also grow, driven in particular by incoming EU legislation.
Firms in the UK, France and Germany are on a journey of maturity in cyber security incident response. They are moving from a
position of vulnerability, where defences are insufficient to prevent a breach. Firms increasingly view third parties as a critical
source of advice, support and guidance in doing so. The journey will not be a smooth ride, but organisations seem to be heading
in the right direction.
Duncan Brown
Research Director
PAC
Disclaimer, usage rights, independence and data protection
This study was compiled in multi-client mode under the sponsorship of FireEye, HP, Telefonica and Resilient Systems.
For further information, please visit www.pac-online.com.
Disclaimer
The contents of this study were compiled with the greatest possible care. However, no liability for their accuracy can be
assumed. Analyses and evaluations reflect the state of our knowledge in May 2015 and may change at any time. This applies
in particular, but not exclusively, to statements made about the future. Names and designations that appear in this study may
be registered trademarks.
Usage rights
This study is protected by copyright. Any reproduction or dissemination to third parties, including in part, requires the prior
explicit authorization of the sponsors. The publication or dissemination of tables, graphics etc. in other publications also
requires prior authorization.
Independence and data protection
This study was produced solely by Pierre Audoin Consultants (PAC). The sponsors had no influence over the analysis of the
data and the production of the study.
The participants in the study were assured that the information they provided would be treated confidentially. No statement
enables conclusions to be drawn about individual companies, and no individual survey data was passed to the sponsors or
other third parties. All participants in the study were selected at random. There is no connection between the production of
the study and any commercial relationship between the respondents and the sponsors of this study.
Contact
Founded in 1976, Pierre Audoin Consultants (PAC) is part of the CXP Group, the
leading independent European research and consulting firm for the software, IT
services and digital transformation industry.
The CXP Group offers its customers comprehensive support services for the
evaluation, selection and optimization of their software solutions and for the evaluation
and selection of IT services providers, and accompanies them in optimizing their
sourcing and investment strategies. As such, the CXP Group supports ICT decision
makers in their digital transformation journey.
Further, the CXP Group assists software and IT services providers in optimizing their
strategies and go-to-market approaches with quantitative and qualitative analyses as
well as consulting services. Public organizations and institutions equally base the
development of their IT policies on our reports.
Capitalizing on 40 years of experience, based in 8 countries (with 17 offices
worldwide) and with 140 employees, the CXP Group provides its expertise every year
to more than 1,500 ICT decision makers and the operational divisions of large
enterprises as well as mid-market companies and their providers. The CXP Group
consists of three branches: Le CXP, BARC (Business Application Research Center)
and Pierre Audoin Consultants (PAC).
For more information please visit: www.pac-online.com
PAC’s latest news: www.pac-online.com/blog
Follow us on Twitter: @PAC_Consultants
Duncan Brown
Research Director
+44 (0) 20 7553 3966
d.brown@pac-online.com
Dominic Trott
Senior Consultant
+44 (0) 20 7553 3966
d.trott@pac-online.com
Planetary and Vedic Yagyas Bring Positive Impacts in Life
 
Welding Electrode Making Machine By Deccan Dynamics
Welding Electrode Making Machine By Deccan DynamicsWelding Electrode Making Machine By Deccan Dynamics
Welding Electrode Making Machine By Deccan Dynamics
 
Healthcare Feb. & Mar. Healthcare Newsletter
Healthcare Feb. & Mar. Healthcare NewsletterHealthcare Feb. & Mar. Healthcare Newsletter
Healthcare Feb. & Mar. Healthcare Newsletter
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...
 
EUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exportersEUDR Info Meeting Ethiopian coffee exporters
EUDR Info Meeting Ethiopian coffee exporters
 
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
Intermediate Accounting, Volume 2, 13th Canadian Edition by Donald E. Kieso t...
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
Effective Strategies for Maximizing Your Profit When Selling Gold Jewelry
Effective Strategies for Maximizing Your Profit When Selling Gold JewelryEffective Strategies for Maximizing Your Profit When Selling Gold Jewelry
Effective Strategies for Maximizing Your Profit When Selling Gold Jewelry
 
Memorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQMMemorándum de Entendimiento (MoU) entre Codelco y SQM
Memorándum de Entendimiento (MoU) entre Codelco y SQM
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
Onemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
Onemonitar Android Spy App Features: Explore Advanced Monitoring CapabilitiesOnemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
Onemonitar Android Spy App Features: Explore Advanced Monitoring Capabilities
 
Entrepreneurship lessons in Philippines
Entrepreneurship lessons in  PhilippinesEntrepreneurship lessons in  Philippines
Entrepreneurship lessons in Philippines
 
business environment micro environment macro environment.pptx
business environment micro environment macro environment.pptxbusiness environment micro environment macro environment.pptx
business environment micro environment macro environment.pptx
 
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
The McKinsey 7S Framework: A Holistic Approach to Harmonizing All Parts of th...
 
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
Lucia Ferretti, Lead Business Designer; Matteo Meschini, Business Designer @T...
 
Darshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdfDarshan Hiranandani [News About Next CEO].pdf
Darshan Hiranandani [News About Next CEO].pdf
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 

Breaches Are Bad for Business. How Will You Detect and Respond to Your Next Cyber Incident?

  • 1. © PAC 2015 Incident Response Management How European Enterprises are Planning to Prepare for a Cyber Security Breach Premium Sponsor of the study:
  • 2. Preface. Arthur Wong, Senior Vice President of Enterprise Security Services: Every day, we are learning that the current, technology driven approach to information is no longer sufficient to keep up with advancing threats. That model is giving way to a more cognizant, proactive approach that leverages robust threat intelligence, optimized and integrated technical controls, global monitoring and incident response to identify, prepare for and react to threats. We believe this approach is quickly becoming a necessity, evidenced by the results of this survey. In our day to day interactions, IT leaders are citing limited staff to keep up with threats, lagging skills of existing staff and a shrinking talent pool as stifling their ability to, not only ensure a secure environment, but hampering their capabilities to adapt to new styles of business that drive opportunities for their organizations. Many organizations have compensated by focusing on securing the infrastructure only and restricting the flow of data to end users. The thinking here is that by securing the infrastructure, we are keeping the bad guys out, and can conceal the fact that the security fundamentals haven’t been addressed. This is seriously flawed thinking and a throwback to the reactive, locked gates of a decade ago. Facing these challenges calls for a new approach to Cyber Defense. A new school of thought. One that challenges our thinking to help us protect what matters most – the users, the applications and the information.
  • 3. HP – company profile. HP Enterprise Security Services – Protecting Organizations around the Globe. HP’s comprehensive approach to enterprise security services includes Security Consulting and Managed Security Services that focus on disrupting adversaries, managing risk and extending in-house capabilities. Built on a global network of 10 security operations centers and more than 5,000 IT security experts, HP works with customers to strengthen the organizational security posture to minimize incidence impact and control costs while expanding insight for better decisions. Additional information about HP Enterprise Security Services can be found at www.hp.com/enterprise/security. www.hp.com/go/fightback
  • 4. Agenda: Introduction and Key Findings; A snapshot of Incident Response; Preparing for a cyber breach; Resourcing for Incident Response; Conclusions
  • 5. Introduction. Suffering a major breach is a near-certainty. Research from a variety of sources shows that the average firm will suffer one major breach each year. The consequences of a major breach include loss of IP, availability, customer service, revenue and reputation. And the fines for data protection non-compliance are set to soar under the upcoming GDPR and NISD regulations, with mandatory breach reporting due to be introduced from 2017. Responding to an incident quickly and effectively is a complex process, involving technical, communications & management staff. And the world is watching as you respond. Our hypothesis for this study was that enterprises are struggling to cope with Incident Response. We wanted to investigate the extent to which firms are experiencing cyber breaches, and if so how organisations are prepared for this eventuality. Are cyber breaches inevitable? We were also interested in how firms cope with the skills shortage, and if they use technology and/or outsourced services to deliver Incident Response. Do firms seek to offset cyber breach risk, through a combination of IR planning and Cyber Risk insurance? We surveyed 200 decision makers in large companies in the UK, France and Germany, to understand their motivations and drivers with regard to Incident Response. This study deals with the following questions:
●  To what extent are firms being breached, and what is their broad approach to responding to such incidents?
●  Do companies understand the importance of IR? Do they have a defined and tested IR plan?
●  Are they adjusting their cyber security spend, or allocating new budget, in order to fund an IR programme?
●  Do they test their IR regularly and update processes accordingly? Do they follow best practices?
●  Do they use an IR management tool? Do they outsource IR capability? Are they aware of the impending NIS and GDPR regulatory changes?
●  Is their technical IR plan integrated with business and communications contingency planning?
  • 6. Key Findings.
●  Most organisations suffered a breach last year: 67% of organisations surveyed reported that they had suffered a cyber breach in the last 12 months. In addition, all (100%) firms surveyed said that they had experienced a cyber breach at some point in the past. From this we can assert that all organisations will experience a cyber breach at some point, with a high likelihood that this will occur within any 12 month period. This shows that a breach is - to all intents and purposes - inevitable.
●  Security spend is shifting towards Incident Response: Traditionally, cyber security has focused on Prevent & Protect approaches such as firewalls, endpoint protection and DDoS attacks. With the inevitability of a breach, it makes sense to migrate spend towards detecting a breach quickly, and to minimise the impact of that breach through remediation as soon as possible.
●  Are firms really ready for cyber breaches? 86% of firms claim a high state of readiness for cyber breaches. This is good news, but only as far as it goes. This study reports that 39% of respondents do not have a cyber readiness plan, bringing into question their true state of readiness. Furthermore, only 30% of firms that do have a plan test it monthly. Most test it quarterly, but given the dynamic and complex nature of the cyber threat landscape we think companies should test their incident response plans more often.
●  Most organisations outsource Incident Response: With most cyber security activities, CISOs prefer to keep operations in house, as they fear a loss of visibility and control. But with incident response, there seems to be a preference towards outsourcing capability. This allows organisations to source expertise in a timely fashion without incurring too much cost.
●  Technology support for Incident Response is emerging: We asked our respondents whether they use technology to support incident response. Two-thirds of organisations do use some technology in this way, but most that do use in-house developed solutions or a patchy variety of existing technologies. A new category of software is beginning to emerge that is specifically designed to support incident response operations.
  • 7. About the Study. 200 survey respondents in Western Europe (UK, FR, DE: 33%, 35%, 33%). 65% CIO/VP IT respondents, 35% CISO respondents. Survey conducted between Apr-May 2015. All respondents had over 1,000 employees. Respondents by sector: Others 8%; Services 12%; Healthcare 4%; Retail 9%; Manufacturing 14%; Education 15%; Public Sector 24%; Financial Services 17%.
  • 8. Agenda: Introduction and Key Findings; A snapshot of Incident Response; Preparing for a cyber breach; Resourcing for Incident Response; Conclusions
  • 9. The cyber landscape: Bad and getting worse. Chart: 64% “The threat landscape is getting worse – there are more threats.”; 28% “We see things more or less the same as last year.”; 9% “The threat landscape is getting better”. Most organisations (64%) report that the threat landscape is getting worse. This is consistent with other reports both in the media and by cyber security vendors, including our sponsors. There is an argument that suggests that this increase is due, at least in part, to better monitoring and detection. But the sheer volume of attacks confirms that the increase is real and continues to grow. The 28% of organisations that see things more or less the same as last year should not be discounted. While they see no notable increase in the threat landscape, neither do they see it diminishing. So at best the situation is static. This is important, as we shall see, because the threat level is already high with a strong likelihood of a breach occurring. There are some interesting differences between countries in the view of the cyber landscape. More respondents in the UK (71%) think it is getting worse, whereas 63% in Germany and only 55% in France concur. A mere 1% of firms in the UK reported an improving situation, but 8% of German respondents and a notably high 17% of French firms report an improving cyber landscape. This variance has implications for software and services providers in their approach to the three countries we surveyed in this study.
  • 10. Measuring the threat. Q. How do you measure the cyber landscape? Having asked the respondents whether they see the threat landscape increasing or decreasing, it is interesting to understand exactly how they measure the threat levels. Most organisations use the absolute number of threats to measure the threat landscape, but in addition they also use other measures. The second most common measure is the type of attackers. This refers to a broad segmentation of attackers: nation states, cyber criminals and hacktivists. The reason that organisations are interested in these types is that cyber criminals tend to be more opportunistic, whereas nation states are usually the source of advanced persistent threats (APT). These are targeted attacks, meaning that the threat is likely to be sophisticated and sustained over a long period of time. Understanding these differences in motivations then dictates defensive strategies and detection approaches. A majority of organisations also consider the potential impact on their business as a measure of the threat landscape. This is an indicator that a more risk-based approach to cyber security is on the increase. Chart categories: Number of threats by type; Number of attackers; Type of attackers; Severity of attacks; Potential impact on your organisation; Number of threats. Chart values: 55%, 49%, 49%, 59%, 66%, 74%.
  • 11. Anatomy of a Cyber Breach Incident. 67% of firms have had a cyber breach in the last year, and 100% report a breach at some time in the past. Average cost of most severe breach in last year: €75k. Firms require between one and six man months to recover from a breach. 69% of breaches are discovered between one and six months after attack. Chart categories: Breach severity (V.High; High; Med; Low); We were alerted by the media; We found it ourselves; We were alerted by a third party; We used a 3rd party monitoring service. Chart values: 23%, 37%, 1%, 21%, 43%, 9%, 35%, 34%.
  • 12. A fundamental shift in security spending. Q. What is the split today of spend between planning, preparing and prevention versus detection, response and recovery? And how do you see this changing over the next two years? Most organisations have built their cyber security approach around protecting the perimeter and preventing attacks. However, as we have seen, cyber breaches still occur. This means that organisations have used up most of the budget that has, ultimately, failed to do what it was spent to do. Most organisations take between one and six months to discover an attack, meaning that the perpetrator has been inside the organisation long enough to cause damage or to extract information. The shift in spend towards a Detect & Respond approach is therefore a reaction to the inevitability of a cyber breach. We see this as a re-balancing of cyber security spend to a more appropriate split of operational attention. While the focus on Prevent & Protect needs to be maintained, looking for breaches and quickly remediating them has increased in priority. Chart: Prevent & Protect: 77%, 61%, 75%, 60%. Detect & Respond: 23%, 39%, 25%, 40%. Series labels: Average spend in 2 years; Average spend today; Median spend today; Median spend in 2 years.
  • 13. A balance of strengths and challenges. Q. Where do you consider your organisation’s key strengths in its response capabilities? Q. And where do you see its key challenges? Respondents indicate that technology is regarded as the key area of capability. This reflects the traditional approaches to cyber security, being technology-based as opposed to skills-based. Interestingly, despite much talk in the media about the cyber security skills shortage, most organisations believe that their in-house capacity and skills are a strength. Not surprisingly, organisations see their key challenges in areas where they have least strength. So the emergence of threat intelligence is creating a challenge for them. We think this is partly to do with the confusion surrounding the sourcing of threat intelligence and its effectiveness, and partly to do with firms’ ability to contextualise and make sense of the intelligence relating to their own organisations. Availability of skills remains a challenge for many organisations, as does in-house capacity. Both of these relate to generic cyber security skills but, as we shall see, the skills required for incident response are so specific that they prompt an uncommon way of resolving this resource issue. Chart categories: Technology; In-house capacity; Threat Intelligence; Cyber security skills. Chart values: 38%, 35%, 29%, 21%; 68%, 59%, 53%, 46%.
  • 14. Regulatory awareness and impact. Q. How aware are you of the incoming EU cyber security and data protection legislation? Q. How concerned are you at the prospect of Mandatory Breach Notification? The General Data Protection Regulation (GDPR) and the Network And Information Security Directive (NISD) have had much media attention over the last 12 months. So it is no surprise that all of our respondents said that they were at least somewhat aware of both of these initiatives, and the majority were very aware. This is extremely encouraging, as the impact of these changes in EU legislation, both individually and collectively, is extensive. One of the key concepts embedded in both GDPR and NISD is Mandatory Breach Notification, which compels firms to inform regulators on the instance of a breach. Seventy-seven per cent of firms surveyed are concerned at this prospect, largely because of the implications for preparing their approach to incident response. The next section in this report examines in more detail how organisations prepare for a breach. Chart, awareness (Yes, very aware; Somewhat aware; Not at all aware): NIS Directive 53%, 47%, 0%; GDPR 52%, 48%, 0%. Chart, concern: Very concerned 37%; Somewhat concerned 40%; Not at all concerned 16%; Uncertain as to the impact on my organisation 8%.
  • 15. Agenda: Introduction and Key Findings; A snapshot of Incident Response; Preparing for a cyber breach; Resourcing for Incident Response; Conclusions
  • 16. How prepared are you for a cyber breach? It's a case of good news followed by bad news, when it comes to preparedness for a cyber breach. An extremely healthy 86% of organisations say that they are very or somewhat ready for a cyber breach. However, readiness clearly means different things to different firms: 39% do not have a cyber readiness plan. How an organisation can claim readiness without having a plan to describe what readiness means or how to test it is a clear indication of the variability of maturity across organisations when it comes to incident response. Frequency of testing a plan is also highly variable. Only 30% of firms that have a plan test it monthly or more frequently. Most (65%) test their plan quarterly, which is common but increasingly insufficient given the rate of change in the threat landscape. 5% of firms test their incident response preparedness annually. Overall, we are concerned at the state of readiness of firms for a cyber breach. While most companies believe that they are ready for a breach this confidence does not match the reality of the situation. Firms are at best unaware of best practice when it comes to incident response, and at worst are in denial of the precariousness of their situation. Chart: 86% of firms claim they are very or somewhat ready for a cyber breach; 39% of firms don’t have a cyber readiness plan; 30% of those firms with a plan test it monthly or more frequently.
  • 17. Breach response: the priorities. Q. What do you think the main issues are with responding to cyber security incidents? We thought that firms’ top priority would be resolving technical issues, but this is not the case. Although 48% of organisations do regard technical issues as a priority, it is only fourth on the list of concerns. At the top are customer concerns, in response (we think) to media attention given to high profile breaches such as Target and Sony. Protecting a firm's reputation and brand image with its customers is of primary importance, as it directly affects sales as well as competitors’ positioning. This is why the second highest priority is on dealing with management pressures. Board awareness of cyber risk has increased markedly in the last 24 months, because a cyber outage has a negative effect on the company's performance and perception. CISOs responsible for responding to cyber breaches therefore have to deal not only with the immediate concerns surrounding remediation but also management attention. Chart categories: Management Pressures; Customer Concerns; Dealing with the Media; Regulatory Concerns; Technical Issues. Chart values: 52%, 71%, 49%, 48%, 32%.
  • 18. Mitigating the risk. Q. Are you using cyber risk insurance? One way of approaching incident response is to mitigate the financial risk by taking out cyber risk insurance. There has been much media attention on the subject in the past year. However, our survey suggests that adoption is lagging behind this interest: only 13% of our respondents said they are using it. A further 43% of firms are considering cyber risk insurance, but 44% have no plans to introduce it. As seen in the US following the introduction of Mandatory Breach Notification, we expect the adoption of cyber risk insurance to increase as the introduction of new EU legislation approaches. Chart: Yes 13%; No, but considering it 43%; No, and no plans 44%.
  • 19. Agenda: Introduction and Key Findings; A snapshot of Incident Response; Preparing for a cyber breach; Resourcing for Incident Response; Conclusions
  • 20. Technology for Incident response. Q. Are you using any technology to assist in incident response? We asked the respondents whether they are using any technology to assist in incident response. We were surprised to find that 61% of firms do use technology in their incident response. However, when asked to describe this technology we get a very patchy view. The most common type of technology used is built in-house, as opposed to a commercial off-the-shelf solution. Firms corral a wide variety of technologies to support incident response, such as SIEM, threat monitoring and network security. Clearly, these technologies are not designed for managing an organisation's incident response program. There is some evidence to suggest that organisations are aware that more specialised solutions for incident response are available, although this is clearly still an emerging market. Awareness of such solutions appears to be low, but as spend shifts towards Detect & Respond activities we expect this to increase rapidly. Chart: 61% ✔, 22% ✖. Of which… 11% Built in-house … and the rest is a wide variety of existing capability delivering patchy IR coverage.
  • 21. Internal or external resourcing? Q. How do you resource incident response? Most organisations eschew outsourcing for cyber security. They fear loss of visibility and control of their security operations. So, typically, they use outsourcing in a cautious, risk-based and selective manner. They also outsource security as a short-term fix until they are able to back-fill resources with in-house expertise. With incident response, however, the opposite appears to be true. In our survey, 69% of firms use a combination of internal and external staff, with a further 14% using external resources exclusively. The nature of incident response dictates that resource utilisation is unpredictable. Although all of the companies surveyed reported a cyber breach (67% in the last 12 months), the timing of a breach is indeterminable. This means that if internal staff are to be used then they are drawn from other security activities as and when the need arises. But this may impact on-going operations. So it makes sense to plan to use external resources, either retained on standby or on a more ad hoc basis. Chart: Use external staff only 14%; Use internal staff only 18%; Use a combination of internal & external staff 69%.
  • 22. Outsourcing – a short-term strategy? Q. Do you see outsourcing of Incident response as an interim solution? In contrast with normal approaches to outsourced cyber security provision, our respondents see the use of external incident response expertise as a long-term strategy. This is again unusual, as most firms use external staff as an interim approach to sourcing adequate security skills. For incident response we think that organisations are building the use of outsourced resources into their incident response plans from the start, calling upon these specialist skills on a planned but as-required basis. There also appears to be a preference to use externally resourced staff exclusively, as opposed to a hybrid of internal and externally resourced staff, suggesting that firms will rely increasingly on their providers for incident response capability. Chart: 48% Outsourcing is a long-term strategy, resourced exclusively with external resourced staff; 15% Outsourcing is an interim strategy; 37% Outsourcing is a long-term strategy, resourced with a hybrid of internal and external resourced staff.
  • 23. Motivations for outsourcing Incident Response. Q. Why do you use external resources? 83% of organisations surveyed use external resources for incident response, either exclusively or as a hybrid approach. But what are the motivations for using external staff? Primary in importance is the quality of service, which is perceived to be superior when using external resources. Incident response is a specialist craft requiring knowledge not only of technical aspects such as forensics, but also the softer issues such as customer communication and regulatory compliance. But speed is also important, given that response times are a critical factor in remediation. The implication here is that it is faster to bring in external resources than it is to redeploy internal staff from other areas of operation. Access to specialist skills is also a key driver, with 41% of firms citing lack of internal skills as a driver. Interestingly, cost is much less of an issue than one might have thought. Only a third of the organisations surveyed cite the advantageous costs and lack of investment as drivers, while only 22% are motivated by a Capex-to-Opex shift. Chart categories: You don’t have enough investment resources; You wish to switch to OPEX; It addresses security concerns more quickly; It’s a general approach of your company; Costs are more advantageous; You don’t have enough internal skills; Quality of service is better. Chart values: 58%, 54%, 35%, 33%, 6%, 41%, 22%.
  • 24. Is Cyber Response part of Business Continuity? Q. Are your Cyber Incident Response resources linked or related to your organisation’s business continuity resources? As cyber security breaches impact business performance it seems reasonable to treat incident response as part of an organisation's business continuity program. And our survey indicates that this is beginning to happen: 23% of firms surveyed say that incident response and business continuity are part of the same organisation. Encouragingly, the remaining 78% of organisations have some link between incident response and business continuity, either a strong link (shared reporting lines or membership of relevant committees and working parties, for example) or an informal relationship (such as one based on personal relationships). Chart: 23% Yes, they are the same resource; 54% No, but they are linked strongly; 24% No, but they are linked informally; 0% No they are not linked at all.
  • 25. Inhibitors for Outsourcing Incident Response. Q. Why do you not use external resources? A minority of firms surveyed use no external resource to provide incident response. Of these firms, the most commonly-cited reason for using internal resources exclusively is a sufficiency of internal resources. It is interesting to explore this in more detail: the firms reporting a high level of internal resources come mostly from the public sector, and particularly from that in the UK. Another commonly cited inhibitor of outsourcing incident response is that security is too critical to leave to external providers. Again, the UK respondents in our survey seem to be the most reluctant to use external resources for incident response. The survey responses indicate that providers of incident response may need to improve their marketing outreach programs: 51% of organisations that only use internal resources claim that they have not found suitable providers. And 31% simply don't know what the market offers. Chart (n=35): We have all the necessary internal resources 66%; Security is too critical to outsource 63%; I have not found suitable offers 51%; I don't know what the market offers 31%; I don't think that response will be better 3%.
  • 26. What to look for in an Incident Response provider
    We were interested to understand what organisations look for in a provider of incident response capability. The top two responses give a strong indication of what firms look for: a strong track record in security and a trusted and well-known brand. This is important, as many providers have entered the security market opportunistically due to its rapid growth. But many of these lack the credentials that enterprises seek. So established providers with references and a history of success in security (and preferably incident response) have an advantage: this should feature strongly in their marketing messages. Not surprisingly, security skills & expertise and specialist qualifications feature highly. Qualifications can either be government-issued, such as CLAS in the UK or ESSI in France, or internationally-recognised certifications such as CISSP and ISACA. Curiously, government accreditation at the firm level (as opposed to individually held certification) is much less important. We were surprised to see that local delivery teams are not important for incident response. One might think that data sovereignty issues would be a consideration. However, on reflection, this makes sense: incident response is a matter of urgency and requires the requisite staff to be made available more or less immediately. This means that their home location is largely irrelevant. In fact many service providers fly in their experts from a variety of locations in order to resource urgent incidents appropriately.
    Q. When considering a security services provider for incident response what do you look for?
    13% Local delivery team Strong track record in cyber security 70% A trusted and well-known brand 62% Security skills & expertise 63% Specialist qualifications 36% Government accreditation 69%
  • 27. Agenda: Introduction and Key Findings; Preparing for a cyber breach; Resourcing for Incident Response; Conclusions; A snapshot of Incident Response
  • 28. Analyst Conclusion
    This study has shown that cyber breaches are, to all intents and purposes, inevitable. All of the companies we surveyed have experienced a cyber breach and most have been breached within the last 12 months. Consequently, cyber security spend is shifting away from traditional Prevent & Protect approaches towards Detect & Respond operations, resulting in a more balanced security budget. Firms are trying to address not only the inevitability of a breach but also its impact, both in direct remediation costs and in reputational damage. They are also attempting to reduce the time for breach discovery. With Mandatory Breach Notification on its way linked to upcoming EU regulations, organisations are increasingly concerned at the impact of a breach and the way it is handled.
    We discovered, however, that although organisations believe they are prepared for a breach many do not have a formalised cyber readiness plan in place, nor do they test it frequently. Firms need to do more work in this area, as preparedness for a cyber incident cannot be based simply on hope.
    Over the next two years we expect to see an increase in take-up of software specifically designed to manage the IR process, either as an alternative, or supplementary, to outsourcing. This will include both the management of IR plans and simulation of response and mitigation activities. We will also undoubtedly see a strengthening of outsourced incident response adoption, as firms plan for breaches by forging relationships with services providers, typically on a retainer basis. This provides the assured service levels required to fulfill a readiness plan, while accessing rare expertise and skills and keeping costs manageable. Cyber risk insurance, while adopted at low levels today, will also grow, driven in particular by incoming EU legislation.
    Firms in the UK, France and Germany are on a journey of maturity in cyber security incident response. They are moving from a position of vulnerability, where defences are insufficient to prevent a breach. Firms increasingly view third parties as a critical source of advice, support and guidance in doing so. The journey will not be a smooth ride, but organisations seem to be heading in the right direction.
    Duncan Brown, Research Director, PAC
  • 29. Disclaimer, usage rights, independence and data protection
    This study was compiled in multi-client mode under the sponsorship of FireEye, HP, Telefonica and Resilient Systems. For further information, please visit www.pac-online.com.
    Disclaimer: The contents of this study were compiled with the greatest possible care. However, no liability for their accuracy can be assumed. Analyses and evaluations reflect the state of our knowledge in May 2015 and may change at any time. This applies in particular, but not exclusively, to statements made about the future. Names and designations that appear in this study may be registered trademarks.
    Usage rights: This study is protected by copyright. Any reproduction or dissemination to third parties, including in part, requires the prior explicit authorization of the sponsors. The publication or dissemination of tables, graphics etc. in other publications also requires prior authorization.
    Independence and data protection: This study was produced solely by Pierre Audoin Consultants (PAC). The sponsors had no influence over the analysis of the data and the production of the study. The participants in the study were assured that the information they provided would be treated confidentially. No statement enables conclusions to be drawn about individual companies, and no individual survey data was passed to the sponsors or other third parties. All participants in the study were selected at random. There is no connection between the production of the study and any commercial relationship between the respondents and the sponsors of this study.
  • 30. Contact
    Founded in 1976, Pierre Audoin Consultants (PAC) is part of the CXP Group, the leading independent European research and consulting firm for the software, IT services and digital transformation industry. The CXP Group offers its customers comprehensive support services for the evaluation, selection and optimization of their software solutions and for the evaluation and selection of IT services providers, and accompanies them in optimizing their sourcing and investment strategies. As such, the CXP Group supports ICT decision makers in their digital transformation journey. Further, the CXP Group assists software and IT services providers in optimizing their strategies and go-to-market approaches with quantitative and qualitative analyses as well as consulting services. Public organizations and institutions equally base the development of their IT policies on our reports. Capitalizing on 40 years of experience, based in 8 countries (with 17 offices worldwide) and with 140 employees, the CXP Group provides its expertise every year to more than 1,500 ICT decision makers and the operational divisions of large enterprises as well as mid-market companies and their providers. The CXP Group consists of three branches: Le CXP, BARC (Business Application Research Center) and Pierre Audoin Consultants (PAC).
    For more information please visit: www.pac-online.com
    PAC’s latest news: www.pac-online.com/blog
    Follow us on Twitter: @PAC_Consultants
    Duncan Brown, Research Director, +44 (0) 20 7553 3966, d.brown@pac-online.com
    Dominic Trott, Senior Consultant, +44 (0) 20 7553 3966, d.trott@pac-online.com
    2015