Organizations taking longer to detect breaches: report

The retail industry reported 15 per cent more data breaches in 2012 compared to the previous year but what could be more alarming is that it is taking longer for organizations to detect that their systems have been breached, according to a report released yesterday by data security firm, Trustwave Inc.

Trustwave found that 64 per cent of organizations attacked took more than 90 days to detect and intrusion. The average time for detection, Trustwave said, was 210 days, or 35 days longer than it took in 2011.
 
 

“Five per cent took more than three years to identify the criminal activity,” the company’s report said. “Most victim organizations rely on third parties, customers, law enforcement or regulatory bodies to notify them a breach has occurred.”

RELATED CONTENT

Video: How to prevent a data breach with smarter IT spending
Nortel did nothing about data breach, report alleges

Business, the Chicago-based security company said, are rapidly adopting an outsourced, third party information technology (IT) model  and this is not very good because in 63 per cent of its investigations revealed a third party responsible for system support, development of maintenance, “introduced security deficiencies easily exploited by hackers.”

“Cyber criminals will never stop trying to compromise systems to obtain valuable information such as customer and private user data, corporate trade secrets and payment cart information,” said Robert McCullen, CEO of Trustwave.

He said the most common methods of intrusion were: SQL injection and remote access attacks which made up 73 per cent of the infiltrations in 2012. Malware found on Android devices grew from 50,000 samples in 2011 to 200,000 last year. 

Out of the 450 cases investigated last year, about 40 variations of malware were found and attributed to six main criminal groups. Russia and the United States were found to be the largest contributors to malware attacks accounting for 39.4 per cent and 19.7 per cent of hosted malware, respectively.

 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now