As Ransomware Proliferates, Response Time Drops
A new study shows organizations are responding to cyber attacks faster than ever, so why is that bad news?
An article review.
When it comes to cyber attacks, the sooner an organization can begin to respond to an attack the better, so the results of a new study showing a drop in the amount of time hackers have access to compromised networks should be a good thing…but that isn’t the whole story.
The study, conducted by FireEye Mandiant, found the period of time between a security incident and when that incident was identified is at the lowest point ever, at 24 days. According to that same study last year that time stood at an average of 56 days, and a decade ago hackers typically had access to compromised networks for a year or more before discovery.
The problem with these numbers, according to the researchers, is ransomware. Attackers often try to deploy ransomware attacks as soon as possible after gaining access to a compromised network, and this has largely contributed to the decline in response time: ransomware attacks have become so prevalent that it’s caused response time to drop dramatically.
To combat this threat, the report authors suggest working on fundamental security issues such as patch management and user awareness…because after all, avoiding an attack is better than responding quickly to one.
Original article by Danny Palmer writing for ZDNet.