Wait...how long can it take for a cyber-security incident to be detected

Have you had a security breach resulting in business disruption or data loss due to cyber-attack in the past 24 months? More than half of European firms admit to this, so you’re not the only one. However, UK firms are the most targeted…

54% of IT decision makers said that they faced at least one attack in the past 2 years. This was not just a small attack, but one which resulted in a disruption to services. What is worse, 1/5 IT decision-makers claimed the cyber attackers left no clue as to their identity.

What disruption was faced?

I was curious to see what services were being disrupted and the breakdown of how each section was affected. The security firm, Kapersky Lab created a poll which was filled in by nearly 2,000 European firms. The results were:

  • The service disruption was reported at 31%
  • Data integrity issues following the attack was reported by 18%
  • Data loss was reported by 15%

In terms of the geographical location of the attacks, organisations in the UK and Spain were the most affected with 64% of respondents confirming the incidents of cyber-attacks in their business throughout the past 24 months.

Who was affected?

The part of the research which I found the most interesting was the information surrounding who was affected by the cyber-security attacks. 64% of enterprises reported they were affected by a cyber-attack which caused disruption. Yet, 45% of small and medium organisations reported a cyber-attack. This difference is interesting considering the larger budgets that enterprises have, not to mention number of staff and arguably more intricate technology.

Has this been a huge increase?

Serviceteam IT’s own research and reports have noted the rise, rather than fall, in the number of cyber-security incidents faced by a company, alongside the concerns around attacks. 21% of respondents in the Kapersky survey reported that cyber-attacks on their business had increased in the past 12 months. 42% reported that attacks remained the same.

Detection and What Can be Done?

72% found the security breach in 8 hours or less. This meant that 25% of businesses did not act during the first few hours of the attack. The security breach in those cases was recognised later. I would strongly argue that this was too much later.

In terms of the financial impact of an attack, as might be obvious, early detection is more effective. The extent to this was realised through the Kaspersky Lab. Where security breaches were detected immediately, recovery costs were in the region of £456,000. Although this seems high, this was compared with £1.2 million for enterprises that took more than a week to detect a cyber threat.

Thoughts?

These findings support the nightmare of not detecting a cyber-attack. Attackers can sneak through an organisation’s network which makes investigations difficult. The importance of cyber-security cannot be further stressed.