More than a quarter of firms have been breached in the past 12 months, but 23% aren’t sure, highlighting a concerning lack of visibility in many organizations, according to DomainTools.
The DNS security firm interviewed 550 IT execs and security professionals to compile its 2017 Cybersecurity Report Card.
The research revealed that while a majority of organizations (53%) detected an attack the same day it occurred, over a quarter (28%) took between a day and a week and around 20% between a week and a month.
This is worrying because the longer the “dwell time” for malware inside targeted systems, the more damage it could potentially do.
Yet a quarter of those breached in the past 12 months didn’t even know if the attack was targeted or not, according to DomainTools.
More concerning still, when asked to grade their current cybersecurity program, only 15% of respondents gave an “A” – with 43% rating themselves “C,” “D,” “F,” or “non-existent.”
Interestingly, the majority of those A-graders claimed to have a formalized staff training program (82%), use a high degree of automation in their security set-up (99%) and use threat intelligence to dig deeper into forensic clues left by an attack (78%).
“With devious hackers leveraging various tactics and threat vectors, it’s clear there is no one-size-fits-all approach to protecting the network,” said DomainTools director, Tim Helming.
“What’s interesting about our new global survey data is to see the actual connection between hunting threats and secure networks, as the 'A' companies that are more likely to drill down on forensic clues were less likely to be breached compared to the other companies."
Unsurprisingly, only 15% of A-grade organizations said they’d suffered a breach in the past 12 months.
For those looking to improve their security posture, more budget (50%), more staff (49%), and more time to evaluate and install technologies (42%) were seen as the key ingredients required to be more successful.