Can you afford to wait 197 days to detect a threat?

Financial services and retail organizations agree that advanced threats are the most serious security challenge they face, a new Ponemon Institute study shows. Despite the concern, both industries struggle to identify these attacks once they are inside their networks.


Known as ‘dwell’ time, the time it takes to identify these attacks is 98 days for Financial Services firms, and 197 days for Retail. Despite these results, 58 percent of Financial Services and 71 percent of Retail organizations said they are not optimistic about their ability to improve these results in the coming year. This is alarming considering the number of attacks targeting their networks. Within Financial Services, 83 percent experienced more than 50 attacks per month, while 44 percent of Retail firms did.

The best way to mitigate risk is to assume that an attack is already occurring, and to adopt an approach to security that addresses the entire attack continuum – before, during and after, according to Terry Greer-King, Director of Cyber Security, Cisco UKI. “While deploying and continually optimizing security policies and procedures is undeniably essential, it is equally important to ensure they are well documented, and clearly understood by each employee and every user. In doing so, employees themselves will be educated and motivated to adhere to the organization’s security processes and accept responsibility on the individual level,” Greer-King told Help Net Security.

Key findings among financial services firms:

Advanced threats

  • 71 percent view technologies that provide intelligence about networks and traffic as most promising at stopping or minimizing advanced threats during the seven phases of the Kill Chain
  • 45 percent have implemented incident response procedures
  • 43 percent have established threat sharing with other companies or government entities.

DDoS attacks

  • 55 percent consider DDoS attacks as an advanced threat
  • 48 percent ‘Strongly Agree’ or ‘Agree’ that they are effective in containing DDoS attacks
  • 45 percent have established threat sharing with other companies or government entities to minimize or contain the impact of DDoS attacks.

Budgets and staffing

  • Budgets are allocated 40 percent towards Technology; 37 percent to Staffing and 20 percent to managed services.

Key findings among retail firms:

Advanced threats

  • 64 percent view technologies that provide intelligence about networks and traffic as most promising at stopping or minimizing advanced threats during the seven phases of the Kill Chain
  • 34 percent have implemented incident response procedures
  • 17 percent have established threat sharing with other companies or government entities.

DDoS attacks

  • 50 percent consider DDoS attacks as an advanced threat
  • 39 percent of firms ‘Strongly Agree’ or ‘Agree’ that they are effective in containing DDoS attacks
  • 13 percent have established threat sharing with other companies or government entities to minimize or contain the impact of DDoS attacks.

Budgets and staffing

  • Budgets are allocated 34 percent towards Technology; 27 percent to Staffing and 34 percent to Managed Services.

Methodology

Financial Services Organizations surveyed include 844 IT and IT security practitioners in North America and in 14 countries in EMEA. Retail organizations surveyed include 675 IT and IT security practitioners in North America and in 14 countries in EMEA.
