Story image

175 days to detect a network intruder in EMEA - just 77 in US

07 Apr 18

A new study has emerged from FireEye that reveals US businesses are significantly more security savvy than their European counterparts when it comes to intruder detection.

FireEye’s M-Trends 2018 report found that organisations in Europe, the Middle East and Africa (EMEA) are taking 175 days (equating to nearly six months) to actually detect an intruder in their networks, giving said cybercriminal plenty of time to wreak havoc.

When compared to the findings from FireEye’s same survey last year, the median dwell time before detection in EMEA was a substantially lower figure of 102 days. In contrast, the median dwell time in the US is only 76 days, improving from 99 in 2016.

However, Asia Pacific (APAC) blows every region out of the park by a country mile after the report found the area’s median dwell time to be a staggering 489 days, soaring from 172 days in 2016.

FireEye says these findings are of particular concern when you take into consideration that GDPR is just around the corner with more severe breach disclosure guidelines and fines of €20 million or four percent of global turnover, whatever is the higher of the two.

High-Tech Bridge CEO Ilia Kolochenko says he is not surprised by the figures that EMEA appears to be far less equipped in terms of threat detection, as compared to other countries the US has always pioneered the cybersecurity industry with the highest budgets and willingness to invest into disruptive information security technologies.

“Technically speaking, these alarming numbers reflect the reality, however, I don’t see any reason for panic. Numerous previous reports have stated even longer breach detection periods and more disastrous unpreparedness of the victims,” says Kolochenko.

“Additionally, many of the detected security incidents impact a very limited number of external stakeholders (e.g. clients or other third-parties) or are inconsequential in terms of negative outcomes for the victims.”

Kolochenko says the findings should be viewed with a ‘glass half full’ perspective.

“Nowadays, the majority of large companies have a great wealth of unprotected Shadow IT systems that are continuously breached as organizations are not even aware of their existence. But the "crown jewels" systems are usually well protected and isolated,” says Kolochenko.

“A rise in machine learning solutions, capable of proactively detecting various anomalies, will greatly reduce breach detection time if properly installed and configured. Emerging cyber deception systems, will also help to identify intrusions in a timely manner. Therefore, I rather see a positive trend and new exciting opportunities for the market.”

The report from FireEye uncovered a number of further findings, including that cybercriminals often can’t resist a second attack – 56 percent of organisations around the world that received incident response support were then attacked again by the same or similarly motivated attack group.

ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Exclusive: Okta’s new GM shares its APAC strategy
“We believe that partnering with systems integrators, independent software vendors and consulting companies is a key factor of success for Okta.”
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”