Story image

Not quick enough: Most firms can't detect or contain a breach within one hour

28 Mar 2018

Organisations around the globe still face a tough fight against the cyber threat battle, with new research from LogRhythm showing that fewer than half of all organisations are able to detect a ‘major’ cybersecurity incident within one hour.

751 IT decision makers from Asia Pacific, the UK, and the US admitted that they are ‘moderately’ confident in their ability to protect their organisations against hackers.

LogRhythm says this is more of a ‘hopeful’ attitude rather than a truly confident one.

39% of respondents in Asia Pacific also admitted their company has experienced a breach in the past year.

Despite hiring an average of 12 cybersecurity professionals in their organisation, less than a third of respondents said that if they did detect a major cyber incident, they would not be able to contain it within an hour.

Asia Pacific respondents allocate more of their budget to security than their UK and US counterparts. Overall, 57% say they are moderately comfortable with their security funding and a quarter say they are not comfortable.

LogRhythm’s senior regional director for Asia Pacific and Japan, Joanne Wong, says threats continue to grow – and organisations need to focus their planning.

“To combat these threats, organisations need to carefully plan their budgets and strategies, while developing effective programs that tackle specific threats and keep them one step ahead of cyber attackers.”

Respondents say that their security maturity is supported by threat detection programs. 95% use security software to prevent and respond to threats.

70% say they use these programs to detect specific threats such as ransomware. This tactic also influences respondents’ cybersecurity confidence.

Respondents who don’t have programs to protect against threats such as ransomware, insider threats, and service denial attacks are less confident in their security programs.

The same segment reported slower rates of detection, response, and containment.

Respondents aren’t necessarily reliant on one solution to do the job - 10% use at least 10 security software solutions.

Despite numerous threat detection products, around half of all respondents believe a hacker can still breach their organisation.

When asked what would be beneficial to incident detection and response, almost 80% say a platform for security management, analysis, and response but only a third rate a platform as ‘very beneficial’.

“This response may reinforce the notion that true security confidence cannot be created with technology alone,” LogRhythm says.

Respondents were not optimistic about their organisation’s capability to operate from a threat lifecycle management perspective. One third of respondents say they need help at all stages, especially detecting, investigating, neutralising, and recovering from cyber threats.

Opinion: BYOD can be secure with the right measures
Companies that embrace BYOD are giving employees more freedom to work remotely, resulting in increased productivity, cost savings, and talent retention.
Sonatype and HackerOne partner on open source vulnerability reporting
Without a standard for responsible disclosure, even those who want to disclose vulnerabilities responsibly can get frustrated with the process.
OutSystems and Boncode team up for better code analysis
The Boncode and OutSystems alliance aims to help organisations to build fast and feel comfortable that the work they're delivering is at peak quality levels.
Nuance biometrics fight back against fraud
Nuance Communications has crunched the numbers and discovered that it has prevented more than US$1 billion worth of fraud from being passed on to users of its Nuance Security Suite.
Attacks targeting Cisco Webex extension explode in popularity - WatchGuard
WatchGuard's Internet Security Report for Q4 2018 also finds growing use of a new sextortion phishing malware customised to individual victims.
Developing APAC countries most vulnerable to malware - Microsoft
“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”
Worldwide spending on security to reach $103.1bil in 2019 - IDC
Managed security services will be the largest technology category in 2019.
Privacy: The real cost of “free” mobile apps
Sales of location targeted advertising, based on location data provided by apps, is set to reach $30 billion by 2020.