Most companies can't detect data breaches

Data CBR Staff Writer

14:32, May 22 2014

Victim companies take 87 days to detect breaches but just one week to contain them.

About 71% of compromised companies could not detect data breach incidents themselves during 2013, despite the number of incidents increasing 54% compared to 2012, according to a report from Trustwave.

According to annual security report found that the compromised companies took only one day to contain the data breach that had self-detected the incident, while in case of the companies took 14 days to contain the damage when detected by third party.

During the year, the number of days the companies took to contain the breach decreased compared to 2012, with half of the victims contained the breach within four months of initial intrusion.

According to the report, the victim companies took 87 days to detect the breach since the initial intrusion while they took only seven days to contain it.

About 67% of the compromised companies could contain the breach within 10 days since after detecting a breach.

Trustwave chairman and CEO, Robert McCullen, said: "Security is a process that involves foresight, manpower, advanced skillsets, threat intelligence and technologies.

"If businesses are not fully equipped with all of these components, they are only increasing their chances of being the next data breach victim.

"As we have seen in our investigations, breaches are going to happen. However, the more information businesses can arm themselves with regarding who are their potential attackers, what those criminals are after and how their team will identify, react and remediate a breach if it does occur, is key to protecting their data, users and overall business."

Though the payment card data is most comprised data, about 45% of the braches involve non-payment card thefts, up by 33% compared to previous year.

Non-payment card data includes other sensitive and confidential information such as financial credentials, internal communications, personally identifiable information and various types of customer records.

Breaches related to E-commerce account for 54% of the breaches, Point-of-sale (POS) breaches accounted for 33% of the breaches while followed by data centres breaches accounting for 10% of the breaches.

Researchers at Trustwave believe that during 2014 and beyond, POS and e-commerce breaches could dominate the breaches.

About 59% of the victims are from US which was followed 14% from the UK and 11% from Australia followed Hong Kong and India with 2% each.

Among the victim industries, retail was top target with 35% of the breaches, food and beverages industry stood second with 18% and hospitality industry stood third with 11% of the breaches.

Threat actors used malware as their main weapon to intrude into the victims' network and extract data while 78% of the exploits used Java applets to deliver malware exploiting vulnerability of Java.

About 85% of the breaches exploited third party plug-ins including including Java, Adobe Flash and Acrobat Reader.

The US emerged as the top malware hosting country with 42%, Russia stood second with 13% and Germany third with 9%.

Trustwave report found that the use of weak password was responsible for 31% of the compromises with most of them using "123456" as password followed by "123456789," "1234" and then "password".

About 25% of the usernames had passwords stored for multiple sites, the report added.

Trustwave gathered the data from 691 breach investigations across 24 countries.

get a cbr Cyber Security weekly update

Terms & Conditions & Privacy Policy.


Post a comment

Comments may be moderated for spam, obscenities or defamation.