Too Often Companies Learn About Data Breaches from Others

Too Often Companies Learn About Data Breaches from Others

data breaches discovered

Evidence continues to mount that most enterprises need to dramatically improve their cybersecurity.

During the last few years, the majority of data breaches were first discovered by entities other than the affected organization—a clear indication that something is wrong. In 2015, research conducted by Intel1 found that in 80% of data breach cases, the crime was discovered by law enforcement, regulatory bodies, credit card companies, banks, or customers and not by the organization themselves. Unfortunately, not much has changed. Verizon reported that in 2016, 83% of companies who experienced a data breach learned about it from outside entities2.

“As the time for attackers to compromise a target decreases, so too does the time for companies to discover a security incident. Close to a quarter of events included in Verizon’s dataset were discovered in a matter of “days or less.” Unfortunately, that percentage is increasing at a slower rate than the proportion of compromises that took “days or less”, which means attackers are one step ahead of security personnel.” —David Bisson, Tripwire

It’s also interesting that according to the Intel and Verizon studies, data theft or other damage often occurs in a matter of minutes after an organization’s networks are compromised. Yet in most cases, a number of weeks to months go by before the incident is discovered. In some instances, it took nearly two years to detect the breach.

The statistics are clear. Many if not most organizations need a more efficient way to detect and mitigate cyber-attacks.

Fortunately, recent developments in machine learning are very effective at detecting malware-based attacks, including the most advanced and evasive types. Lastline Enterprise3, which uses machine learning techniques to identify the latest and most sophisticated malware, achieved the highest rating ever from NSS Labs, the world’s leading facility for testing anti-malware products.

Organizations that deploy the right cybersecurity tools can be the first to detect an attack, not the last.

Learn more about how Lastline Enterprise can protect your company from the most advanced malware-based attacks.

1Grand Theft Data, 2015 Intel Security Data Exfiltration Study
2 Verizon 2016 Data Breach Investigations Report
3 Lastline Named Leading Breach Detection Vendor

Brian Laing

Brian Laing

For more than 20 years, Brian Laing has shared his strategic business vision and technical leadership with a range of start-ups and established companies in various executive level roles. The author of “APT for Dummies,” he was previously vice president of AhnLab, where he directed the US operations of the internationally known security and software leader. Brian previously founded Hive Media where he served as CEO. He co-founded RedSeal Systems, where he conceived the overall design and features of the product and was granted two patents related to network security. He was also founder and CEO of self-funded Blade Software, who released the industry’s first commercial IPS/FW testing tool.
Brian Laing