Hackers Still Outpace Breach Detection, Containment Efforts

Research shows time to discovery and containment of breaches slowly shrinking, but attackers don’t need a very big window to do a lot of damage.

It’s breach report season and one of the prevailing trends uncovered by security researchers is that organizations are ever-so-slowly improving the window between when a compromise occurs and when it gets detected. In spite of this slight gain, the fact solidly remains that the typical breach timeline still completely favors attackers.

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

How One AI-Driven Media Platform Cut EBS Costs for AWS ASGs by 48%

Two different reports this spring showed that organizations are shortening the time to discovery of data breaches. Most recently, the Trustwave 2019 Global Security Report released late last month found that the time between an intrusion and detection of that incident shrank almost in half. That study showed that the median time between intrusion and detection fell from 26 days in 2017 to 14 days in 2018.

This corroborates the downward trend in this statistic identified in March by the FireEye 2019 Mandiant M-Trends Report, though that study showed a more modest reduction and a much higher time between these important breach milestones. Mandiant found that the time between intrusion and detection went down from 101 days in 2017 to 78 days in 2018. That’s marked improvement from 2011, when Mandiant put that number at 426 days.

Mandiant uses a common parlance of “dwell time” for this statistic, though other experts have their own colorful terms. But they all agree that reduction should be a big priority for cybersecurity teams.

A close-up of a hand resting on a computer keyboard with illuminated keys and a dark background.

Read more: Dark Reading 

Latest Articles

4 Common Kafka Installation Errors – And Proven Steps to Avoid Them

Apache Kafka is the platform of choice for real-time data processing, but getting it up and running can feel like an uphill battle.  With high throughput and fault tolerance, companies like Spotify rely on this distributed streamlining platform to deliver seamless services for over 600 million global users – supporting everything from log aggregation and […]

9th February, 2025
4 Proven Ways to Minimize Your AWS MSK Cost

The very tools designed to streamline cloud operations can sometimes stretch budgets thin. One good example is managing the costs associated with Amazon Managed Streaming for Apache Kafka (MSK). While AWS MSK simplifies deploying and scaling Kafka clusters, the costs can stack up if not optimized. Here’s how you can rethink your AWS MSK deployment […]

3rd February, 2025
Rotating Pen Test Vendors Isn’t the Best Approach: Here’s Why

How do organizations ensure their penetrating testing remains insightful and free from complacency? For many years, the answer was vendor rotation — the practice of changing pen test vendors every few years. But does this approach still make sense today? While it once served a crucial purpose, the administrative burden it creates can be significant. […]

30th January, 2025
The Reconnaissance Playbook of a Kubernetes Attacker

As Kubernetes gained widespread adoption in production environments, it became more attractive to attackers. Its distributed and dynamic nature made it a favorite for scalable and flexible containerized applications, but it also introduced some vulnerabilities and misconfigurations that can be exploited. For an attacker looking to exploit a Kubernetes cluster, reconnaissance is a critical first […]

27th January, 2025

Unlock Your Cloud Potential

Schedule a call with our experts. Discover new technology and get recommendations to improve your performance.

    GlobalDots' industry expertise proactively addressed structural inefficiencies that would have otherwise hindered our success. Their laser focus is why I would recommend them as a partner to other companies

    Marco Kaiser
    Marco Kaiser

    CTO

    Legal Services

    GlobalDots has helped us to scale up our innovative capabilities, and in significantly improving our service provided to our clients

    Antonio Ostuni
    Antonio Ostuni

    CIO

    IT Services

    It's common for 3rd parties to work with a limited number of vendors - GlobalDots and its multi-vendor approach is different. Thanks to GlobalDots vendors umbrella, the hybrid-cloud migration was exceedingly smooth

    Motti Shpirer
    Motti Shpirer

    VP of Infrastructure & Technology

    Advertising Services