Tuesday, June 18, 2013
Firms struggle to identify data breaches, study finds
No company wants to experience a data breach. Depending on the nature of the incident, these breaches can range from a nuisance to an absolute catastrophe. If the information exposed is sensitive, valuable and expansive enough, it is possible for a single data breach to put a company out of business. Not only will a data breach often lead to direct financial losses, but it can also result in fines and sanctions from regulatory bodies and, even more importantly, a severely tarnished reputation. A firm that experiences a data breach will likely struggle to gain the trust of new customers, and to retain the confidence of existing clients. The resulting business losses will often dwarf the more immediate effects of the data breach.
The likely damage caused by data breaches was further highlighted by the release of a recent McAfee-commissioned study. As the Needle in a Datastack report revealed, many companies struggle to detect breaches, thereby exacerbating the effects of these incidents.
Noticing the loss
Conducted by Vanson Bourne, the study noted that the ability to detect a data breach within minutes of the initial incursion is essential for preventing or minimizing data loss. However, only 35 percent of the 500 participating senior IT decision-makers from the United Kingdom, Germany and Australia were able to detect breaches this quickly. Twenty-two percent of respondents said their firms would need at least a day to identify a data breach, and the average firm indicated that 10 hours are needed to detect such incidents.
Furthermore, only 14 percent of respondents said they were able to identify the source of data breaches within minutes, while 33 percent required a day and 16 percent a week.
This study's findings have significant implications when it comes to secure file transfer solutions. As the report indicated, it is potentially possible to minimize the damage wrought by a data breach if the incident is detected and responded to immediately.
"If you're in a fight, you need to know that while it's happening, not after the fact," said Mike Fey, executive VP and worldwide CTO for McAfee. "This study has shown what we've long suspected - that far too few organizations have real-time access to the simple question 'am I being breached?' Only by knowing this, can you stop it from happening."
However, the results of the study indicated that this is really not feasible for most firms. With relatively few exceptions, companies simply lack the resources and abilities to effectively detect data breaches as they occur. Consequently, relying on a reactive cybersecurity strategy is a recipe for disaster.
Instead, companies of all kinds need to invest in high-quality secure file transfer solutions and other cybersecurity measures. Secure file transfer tools are particularly critical, as data is often at its most vulnerable when it is in movement. By investing in these and other protective measures, firms can greatly reduce the likelihood of a breach occurring, thereby reducing the damage caused by delayed breach detection.