Thursday, February 14, 2013
Data breaches often not detected for months, report finds
Data breaches are among the most potentially devastating events that can affect a company. When a data breach occurs, a business will often receive a tremendous amount of negative, unwanted attention, and this can have serious consequences.
Making matters worse, many data breaches remain undetected for months, or even years, as a recent Trustwave report demonstrated.
The Trustwave study considered 450 global data breach investigations, as well as thousands of penetration tests and scans. It found that the average time between an initial breach and detection was 210 days. In 2011, the average time before detection was only 90 days, which may indicate that cybercriminals are becoming more careful in their behavior, as well as the possibility that companies are simply dealing with more data, making it difficult to keep a close eye on security.
More than half of the studied data breaches took more than three months to detect. In some cases, years passed before the breach was recognized, allowing criminals an extremely high degree of access to company data.
Discussing the report's findings, John Yeo, director of EMEA Trustwave Spiderlabs, said that delayed discovery of breaches exacerbates the problem, as criminals can steal more information over an extended period of time.
The study found that while data breaches affected a wide range of sectors, retailers were the most frequently attacked, accounting for 45 percent of all breaches. In these cases, cardholder data was the primary target. The food and beverage sector, hospitality firms and financial services providers were also frequent victims of data breaches.
Data breach effects
The consequences of a data breach can be catastrophic for a company. If consumers hear that a particular firm experienced a data breach that led to the exposure of thousands of customers' sensitive information, many will be disinclined to use that company's services or buy its products in the future.
After all, people are becoming increasingly concerned with maintaining privacy and security for their personal information. If a particular organization is perceived as incapable of meeting these requirements, potential clients will simply avoid it.
Additionally, companies often face regulatory requirements when it comes to protecting their customers' data. Failure to have adequate protection in place can be seen as noncompliance, leading to fines and other sanctions.
All of these consequences are intensified by delayed detection of data breaches, but the best course of action is to choose solutions that minimize the risk of data breaches occurring in the first place.
Undoubtedly, antivirus and anti-malware programs can help in this regard. However, the more effective solution is to utilize tools that improve the inherent security of data as it is stored and moved by the organization.
For example, companies should consider investing in managed file transfer solutions. With these tools, organizations can confidently send and receive files both internally and externally without the risk of information falling into unauthorized hands. Critically, these tools can handle mission-critical information as well as everyday file transfers. Additionally, these resources operate in the background, meaning employees do not need to devote extra time and effort to protection. This improves usage rates, which are critical for ensuring consistent security.