Confident retailers still have a long way to go in security breach detection
In a survey by Tripwire, three quarters of retailers said they could detect a breach within 48 hours – up from 42 per cent in 2014 – despite previous studies showing it takes the sector 197 days on average to detect advanced threats on their networks.
In the 2016 report, 90 per cent said they would be aware of a data breach on critical systems within a week, compared to 70 per cent in 2014. “Unfortunately, these results indicate that we can expect retail breach activity to continue in the future,” said Tim Erlin, Tripwire’s director of IT security and risk strategy.
“The increase in confidence connected with speed of breach detection is particularly surprising, especially in combination with partial implementation of detection tools.
“Together, these results indicate while retail organisations might feel better about their cyber security capabilities, there’s still a long way to go to close the gap between initial compromise and detection.”
Retail data breaches involving personally identifiable information (PII) have more than doubled since 2014, with a third of respondents saying their organisations have experienced breaches in which PII was stolen or accessed, compared with 14 per cent two years ago.
Yet in both iterations of the survey 59 per cent of firms said their breach detection products were only partially or marginally implemented.
“Partially implemented tools are a serious liability for information security,” Erlin said.
“Organisations need to move from a checkbox approach to measuring gaps in their security coverage. If you’re not monitoring 100 per cent of your endpoints, you’re leaving room for attackers to gain a foothold.”