Breach Detection, Mitigation Still Slow

Monday, June 15, 2015 @ 04:06 PM gHale

Four months is the amount of time 46 percent of organizations that suffered a data breach took to detect a problem, and more than three months to mitigate the risk, research found.

In addition, as reported in the past and still going strong, 70 percent of breaches ended up detected by a third-party rather than the organization itself, according to a survey of 1,000 IT professionals, conducted by OnePoll on behalf of LogRhythm.

SaaS Breaches Very Costly
DDoS Attacks on Rise in Q2: Report
Ransomware Jumps in Q1: Report
Attackers’ RoI Over 1,400%: Report

In this day of security awareness, 73 percent of respondents said their company’s data is vulnerable to hacking, while 47 percent think their company should be doing more to improve the time it takes to detect and respond to threats.

While 59 percent of IT professionals said poor cyber security practices can have a big impact on business growth, a corresponding survey of 2,000 consumers found employees lack the awareness required to identify potential threats.

The survey revealed 86 percent of UK consumers do not know what spear phishing is, while 40 percent of those that have fallen victim ended up sharing confidential information. Despite this, 66 percent of employees do not receive any training on how to stay safe online at work.

“It’s clear that even though big breaches are consistently making headlines around the world, businesses are still not doing enough to protect their networks from today’s threats,” said Ross Brewer, vice president and managing director for international markets at LogRhythm. “Every organization today should see themselves as a target and have the necessary systems in place to identify and mitigate threats as soon as they arise – which is clearly not happening,”

“While the maturity of an organization’s security can vary dependent on budgets and its own risk tolerances, today’s threat landscape is such that if a hacker wants to get in, they will, which means every single organization should seriously consider putting systems in place that will immediately alert them to suspicious activity,” Brewer said. “What’s more, even the most bare-bones business needs to take greater responsibility for educating employees. As the front-line of any business there is the very real danger that, without increased education, an employee could easily and unwittingly leave the door to sensitive information wide open.”

The survey also found employees are now less likely to steal data from an organization than has been seen in previous LogRhythm research.

A similar survey from LogRhythm last year found that 38 percent of organizations did not have, or did not know of, any systems in place to stop employees accessing information they shouldn’t. In this year’s research this figure fell to 29 percent.

“This is a very positive step forward and shows that organizations are waking up to the insider threat,” Brewer said. “Over the last 12 months there have been a number of high profile breaches perpetrated by employees and this may have encouraged businesses to pay closer attention to internal goings-on.”

“Clearly we are making moves in the right direction, and next year I hope we’ll see similar improvements in the time it takes businesses to detect and respond to breaches,” he said.