Breach Detection Times Have Not Improved

Share and earn Cybytes
Facebook Twitter LinkedIn Email

Yesterday, Ponemon released the 2016 Cost of Data Breach Global Report. The numbers are in, and unfortunately breach detection times are still extraordinarily long.

The longer a breach goes undetected, the greater the risk to the organization.

According to the report, the time to identify attacks from malicious and criminal sources (which make up 48% of the attacks reviewed) was a full 229 days. Breaches from human error and system glitches still crossed the five-month threshold, at an average of 162 days and 189 days respectively. Unfortunately for these organizations, those are just the averages. Ponemon reports a range spanning 20 to 569 days in their survey, meaning the fastest detection took nearly a full month, and the longest took just shy of two years.

Organizations do not have that time to spare.

They need to immediate notification in the event that their information appears online. Once a breach is identified, companies must still contain the security threat, assess the damage, and begin the remediation process, all while attempting to maintain their customer base – something that’s hard to do when you’re two years late on noticing a breach (assuming you ever even notice it in the first place).

The longer a breach goes undetected, the greater the risk to the organization. As we’ve seen recently, Russian criminals had access to Democratic National Committee’s systems for over a year before the DNC noticed an issue. As with other extended access breaches, criminals have the opportunity to monitor, explore, and learn about a system, putting them in a position to release not only the original data itself, but also truncated or manipulated versions of the data, with no one the wiser. Criminals also gain insight into sensitive information about third parties in the process. It takes little effort to expand the original breach into an opportunity to exploit vulnerabilities among an organization’s partners, clients, or contractors, exponentially increasing the breach footprint.

Organizations must be in a position to quickly identify the exposure of their data – and confirm its authenticity – in the event of a breach. At Terbium Labs, we help them do just that.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Terbium Labs
At Terbium Labs, we know that sensitive data will always be at risk. That’s why we developed Matchlight, the world’s first fully private, fully automated Dark Web Data Intelligence System. We monitor the dark web for your private data fingerprints and notify you immediately if even a trace of your information shows up where it shouldn’t. With fingerprint monitoring and automated tracking for key terms and patterns, such as email addresses or payment card numbers, we can protect your brand, customers, and employees without you having to reveal any information to us. Let us help protect your sensitive data and intellectual property.
Promoted Content
The Truth about the Dark Web
For most, the term dark web immediately conjures thoughts of illegal drug sales, pornography, weapons of mass destruction, fraud and other criminal acts. Download the research report "The Truth About the Dark Web: Separating Fact from Fiction" to learn more about common industry myths and what content actually exists on the dark web. In the industry's first data-driven, fact-based research report, Terbium Labs analyzes what's really taking place on the far corners of the Internet. In this paper, learn more about our findings, including: Anonymity does not mean criminality. Pornography is prominent, but not all of it is illegal. Drugs are a popular topic. The Fraud Foible. Extremism is rare.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?