Breach Study: Little Self-Detection, Third Parties Pose Risks
DATA LOSSFebruary 10, 2012
The 2012 Global Security Report by Trustwave SpiderLabs shows that 84 percent of organisations facing a breach were notified by a regulator, law enforcement or the public prior to discovering it on their own, reports CSO. In these cases, the hackers had on average 173.5 days to access the organisation's data; however, in self-identified cases, the organisation knew of the breach 43 days after the initial attack. The study also found that the food and beverage industry is the hardest hit by breach incidents--making up 44 percent of breaches investigated by SpiderLabs in 2011--and that third-party remote-access applications are the most common point of entry for hackers, reports Infosecurity. CIO reports that in 76 percent of breaches analysed, a "third-party responsible for system support, development and/or maintenance introduced the security deficiencies exploited by attackers."