BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Security Breaches Take Hours to Detect, Weeks to Neutralize: Report

From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 16 Jun 2014 20:37:41 -0600
http://www.cbronline.com/news/tech/software/malware/security-breaches-take-hours-to-detect-weeks-to-neutralize-report-4293870

Over 46% of cyber attacks take hours to get detected, and neutralizing them
takes even longer, extending to weeks and months.

Among the respondents to a survey, 82% said that there was no decrease in
security network breaches last year in spite of an increase in investment
in these areas. Nearly 60% of the IT resources are dedicated to the
protection of network layer.

The survey, undertaken for CSG Invotas polled "decision makers of
information security, strategy, and solution implementations at companies
with 500 or more employees".

According to the report, ongoing management of electronic identities that
control access to enterprise, cloud, and mobile resources take the most
time to change or update during a security event.

The survey suggests that automation of security workflows and processes
will enable companies to respond to potential breaches faster.

IDG Research research director Jen McKean said, "There's no doubt that
improving intrusion response and resolution times reduces the window of
exposure from a breach.

"More companies seek security automation tools that will enable them to
resolve breaches in mere seconds and help maintain business-as-usual during
the remediation period."

A survey report released by security firm Mandiant last month found that
the median number of days taken to detect a breach in 2013 was 229, a
decrease from 243 days in 2012. Only 33% of the companies surveyed said
that the breaches were detected by themselves.

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
YourCISO is an affordable SaaS solution that provides a comprehensive information security program that ensures focus 
on the right security.  If you need security help or want to provide real risk reduction for your clients contact us!
Previous By Date Next
Previous By Thread Next

Current thread: