Speeding Up Breach Detection
Organizations Must Balance Technology, Process Improvements
One reason for the lengthy detection time is two-thirds of organizations are told about a breach by a third party, rather than discovering it themselves, says Dave Merkel, chief technology officer at FireEye. “It’s the FBI showing up with your ‘wallet,'” he says. “Or even worse, your customer shows up [to tell you about a breach].”
Organizations looking to speed up breach detection on their own, rather than relying on others, need to improve their data analytics capabilities, prioritize the type of data they want to collect and analyze, and ensure they have appropriate staff who can take the time to review the data for suspicious activity.
In addition, entities in all sectors need to leverage their networks to segment and protect critical data, participate in threat intelligence sharing to spot signs of a breach and proactively scan the Internet for company data that could indicate a compromise has happened.
The bottom line? Security professionals need to pay as much attention to breach detection as they do to breach prevention, experts say. “We know that breaches are going to happen,” says Mike McCann, a consultant at Signum Security, which advises organizations on security matters. “What can we do to mitigate response times and mitigate the impact?”
For more information go to Speeding Up Breach Detection