Breach Discovery: 10 Hours

Monday, June 17, 2013 @ 07:06 PM gHale


Security usually ends up being a matter of vigilance, so the longer it takes to understand the system is under attack, the harder it will become to ward off the bad guys.

That is why businesses are vulnerable to security breaches due to their inability to properly analyze or store big data, according to a new report from security firm McAfee.

The ability to detect data breaches within minutes is critical in preventing data loss, yet only 35 percent of firms said they have the ability to do this. In fact, 22 percent said they would need a day to identify a breach, and five percent said this process would take up to a week. On average, organizations said it takes 10 hours for a company to recognize a security breach.

“If you’re in a fight, you need to know that while it’s happening, not after the fact,” said Mike Fey, executive vice president and worldwide CTO at McAfee. “This study has shown what we’ve long suspected — that far too few organizations have real-time access to the simple question ‘am I being breached?’ Only by knowing this, can you stop it from happening.”

Nearly three quarters (73 percent) of respondents said they can assess their security status in real time, and they also expressed confidence in their ability to identify, in real time, insider threats (74 percent), perimeter threats (78 percent), zero-day malware (72 percent) and compliance controls (80 percent).

However, of the 58 percent of organizations that said they suffered a security breach in the last year, 24 percent found it within minutes. In addition, when it came to actually finding the source of the breach, 14 percent could do so in minutes, while 33 percent said it took a day and 16 percent said a week.

This false confidence highlights a disconnect between the IT department and security professionals within organizations.

The study of 855 incidents showed that 63 percent took weeks or months for security professionals to find. On the other side, the stolen data was out the door from these organizations within seconds or minutes in 46 percent of the cases.

On average, companies are storing 11-15 terabytes of security data a week, a figure that Gartner Group predicts will double annually through 2016. To put that in perspective, 10 terabytes is the equivalent of the printed collection of the Library of Congress.

Despite storing such large volumes of data, 58 percent of firms admitted to only holding on to it for less than three months.


