Retailers Take 197 Days to Discover Advanced Attacks

Retailers in North America and EMEA take 197 days on average to detect advanced attacks on their networks – nearly twice as long as their financial services counterparts, according to new research from the Ponemon Institute.

The study, sponsored by Arbor Networks, found that financial institutions generally took 98 days to spot a serious incursion – still more than enough time for hackers to make off with highly sensitive customer data or IP.

More worrying still is that 83% of financial services firms and 44% of retailers said they experience over 50 attacks each month.

It’s perhaps not surprising then, that the majority of financial (58%) and retail (71%) firms said they weren’t confident of being able to improve detection rates over the coming 12 months.

Financial services organizations were generally better equipped to deal with the threat of advanced attacks. Some 45% said they have implemented incident response procedures (versus 34% of retailers) and 43% said they share threat intelligence with private or public sector bodies (versus just 17%).

Interestingly a majority also said they considered DDoS attacks as an advanced threats. Nearly half (48%) of financial firms said they were effective in containing these attacks, while 39% of retailers said they were.

Terry Greer-King, director of cyber security at Cisco UKI, argued that firms need to assume an attack has already occurred if they want to mitigate risk most effectively.

“Recent research from Cisco reveals that companies with a low level of security sophistication are characterized by unpredictable, ad hoc and often, reactive security processes,” he added.

“In striving to mitigate external threats and reduce dwell time, companies must invest in a holistic approach to security. This starts with the executive leadership team prioritizing security as a business risk.”

Given that employee behavior can be a major risk to the organization, effort should also be made to ensure every member of staff understands what their firm’s security policies and procedures are.

“In doing so, employees themselves will be educated and motivated to adhere to the organization’s security processes and accept responsibility on the individual level,” said Greer-King.

The reports can be found here and here.

What’s Hot on Infosecurity Magazine?