According to a report from Aberdeen Group, the median dwell time for data breaches between 2014 and 2016 was around 38 days, leaving data breaches undetected for nearly five to six weeks.
The term dwell time refers to the total number of days between the attacker’s compromise and the defenders' detection. As with many elements of cyber security, time works in the attacker’s favor, and attackers take serious advantage of defenders who are dragging their feet.
The report found that the business impact of a successful data breach is greatest at the beginning of the exploit when the records are first compromised, as attackers are trying to steal as much data as possible in the shortest amount of time without getting caught.
Aberdeen found that companies that are twice as fast at threat detection and incident response lower the business impact of a breach by around 70%.
The element of time in the world of endpoint security is intensified by the sheer volume of vulnerabilities and exploits users are subjected to daily, not to mention the increasing sophistication of attack methods. Unsurprisingly, many organizations today blithely continue day-to-day operations while an attack is in progress because they are simply not spotting the breaches as they occur.
With NNT, your organization gets continuous visibility of what is going on in your IT estate, allowing it to spot in real time any unusual changes that may represent a breach and to take action before it is too late. Through faster identification and containment of zero-day malware, your organization will reduce the likelihood of falling victim to a security breach and avoid the damaging impact that these breaches have on organizations.
From extreme financial costs to reputational damage, the impact of a breach can have devastating effects on a business. With NNT’s real-time, continuous change detection with File Integrity Monitoring (FIM), your organization will be able to detect and alert on breach activity within seconds of an incident and minimize the potential damage.
Read this article on InfoSecurity Magazine