In 2012, the average time from breach to detection was 210 days!

During 2012, nearly every industry, country and type of data was involved in a breach of some kind, reports Trustwave, a data security and PCI compliance firm, in its recently released Global Security Report 2013.

The findings are interesting, though not unexpected. Some of the key findings are below:

Web applications have now emerged as the most popular attack vector. As organizations embrace mobility, mobile malware continues to be a problem for Android, with the number of samples in Trustwave’s collection growing 400% in 2012.

Businesses are embracing an outsourced IT operations model. In 63% of incident response investigations, a major component of IT support was outsourced to a third party. Outsourcing can help businesses gain effective, cost-friendly IT services; however, businesses need to understand the risk their vendors may introduce and proactively work to decrease that risk.

Businesses are slow to “self-detect” breach activity. The average time from initial breach to detection was 210 days, more than 35 days longer than in 2011. Most victim organizations (64%) took over 90 days to detect the intrusion, while 5% took three or more years to identify the criminal activity.

Spam volume declines, but its impact on the business doesn’t. Spam volume shrank in 2012 to a level lower than it was in 2007, but spam still represents 75.2% of a typical organization’s inbound email. Most importantly, new malware research conducted by Trustwave found nearly 10% of spam messages to be malicious.

And finally, as expected, basic security measures are still not in place. “Password1” is still the most common password used by global businesses. Of three million user passwords analyzed, 50% of users are using the bare minimum.

Trustwave recommends six security pursuits to address the issues. Cyber criminals will never stop trying to compromise systems to obtain data. Organizations need to be aware of where they may be open to attacks, how attackers can enter their environment and what to do if (and when) an attack occurs.