Firms Take 10 Hours to Spot Data Breaches, Mcafee Finds

The average organization believes it would spot a data breach in ten hours, a McAfee global survey of IT professionals has found. But is that result good, indifferent or an indication of the downright complacent?

data breach, security

The average organization believes it would spot a data breach in ten hours, a McAfee global survey of IT professionals has found. But is that result good, indifferent or an indication of the downright complacent?

The firm's interrogation of 500 decision makers from the US, UK, Germany and Australia earlier this year found that 22 percent thought they'd need a day to recognise a breach, with one in twenty offering a week as a likely timescale.

Just over a third said they would notice data breaches in a matter of minutes, which counts as real-time by today's standards.

In terms of general security, three quarters confidently reckoned they could assess their security in real-time, with about the same number talking up their ability to spot insider threats, perimeter threats and even zero-day malware.

All of this was despite 58 percent admitting they had suffered a data breach in the last year with only a quarter spotting that fact within minutes.

When trying to locate the source of the breach - the most important aspect of any detection and remediation regime - a third said it took a day and 16 percent as long as a week.

"If you're in a fight, you need to know that while it's happening, not after the fact," suggested McAfee's CTO, Mike Fey.

"This study has shown what we've long suspected - that far too few organisations have real-time access to the simple question 'am I being breached?' Only by knowing this, can you stop it from happening," he said.

In McAfee's view the general optimism buried in some of these numbers belies the probability that many organisations over-estimate both the speed at which they notice breaches and their ability to quickly trace their source.

Third parties have backed them up on this, especially a survey from security vendor Trustwave that found that many data breaches take months to spot, with the average being 210 days; 14 percent take longer than two years.

One of the problems is the way the battlefield keeps shifting, with the average large organisation now storing between 11 and 15 Terabytes of data per week, McAfee calculated.

According to McAfee, the rise of advanced persistent threats meant that spotting attacks and resulting breaches required systems that could inter-connect "big security data," risk-based analysis and modelling.

This story, "Firms Take 10 Hours to Spot Data Breaches, Mcafee Finds" was originally published by Techworld.com.

To comment on this article and other CIO content, visit us on Facebook, LinkedIn or Twitter.
Download the CIO October 2016 Digital Magazine
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.