Companies are still failing to detect data breaches and hacking incidents, with outsiders getting access and sitting on the corporate network for up to two years in some cases.
According to the Trustwave 2013 global security report, organisations fail to detect attacks and breaches and EMEA Trustwave Spiderlabs director John Yeo said that this 'exacerbates the data breach'. He said: “This is the point where an intrusion leads to a data breach, our investigation found that sometimes, attackers spent two years living in the environment and exposing data records.”
The report found that the average time from an initial breach to detection was 210 days, an increase by 35 days from 2011, with most victims taking over 90 days to detect the intrusion, while five per cent took three or more years to identify the criminal activity.
Yeo said that many companies would feel that they are doing enough to be secure by doing their due dilligence, while others would assume that by being compliant they would have the appropriate measures to respond.
Speaking at the launch of the report, Paul Simmonds, Jericho Forum board member and former CISO at AstraZeneca and ICI, said that when he was at ICI his team would evaluate third parties and suppliers and when they found an infection, call them and say 'do you realise that?'.
“We had a full time security team to spot anomalies and know what to look for, but our suppliers didn't have those people,” he said.
The Trustwave report, which used data from more than 450 global data breach investigations and more than 2,500 penetration tests, also found that responsibility for system administration was the duty of 63 per cent, with the remaining 37 per cent doing it themselves.
According to the 2012 Verizon Data Breach Investigations report, 54 per cent diiscovered an attack in months while 29 per cent did it in weeks. Only two per cent of those attacked discovered the breach within a matter of hours. Within larger organisations, 39 per cent discovered in months, 27 per cent in days and 24 per cent in weeks. In terms of data exfiltration, 38 per cent of respondents were aware of this in minutes, while 25 per cent were aware within days.