McAfee has revealed that only 35 per cent of businesses can quickly detect security breaches, as many organisations are unable to harness the security power of big data.
The security firm released a new report entitled Needle in a Datastack, highlighting just how unprepared companies are for security breaches. The inability to properly analyse and store big data is considered a monumental threat.
The key finding is that businesses take an exceptionally long time to detect data breaches, with just over a third managing to do so within minutes, a necessary time frame for data loss prevention. 22 per cent said they need a whole day, while 5 per cent said they would need a whole week. The average time taken by a business is 10 hours.
“If you’re in a fight, you need to know that while it’s happening, not after the fact,” said Mike Fey, executive vice president and worldwide Chief Technology Officer at McAfee. “This study has shown what we’ve long suspected – that far too few organizations have real-time access to the simple question ‘am I being breached?’ Only by knowing this, can you stop it from happening.”
Despite the poor response times, a vast majority of those surveyed believe they can detect and manage threats, and McAfee believes this is misplaced confidence.
73 per cent said they can assess their security status in real-time, 74 per cent believe they have real-time insider threat detection, 78 per cent for perimeter threats, 72 per cent for zero-day malware, and 80 per cent for compliance controls.
Of the 58 per cent of businesses that admitted to a security breach in the last 12 months, only 24 per cent recognised the problem within minutes. 14 per cent found the source of the breach in minutes, 33 per cent needed a full day, and 16 per cent needed a week.
There is therefore evidence of a large gap between security confidence and security reality. McAfee believes the answer is to be found in big data, but companies need to move to purpose-built data management systems with real risk-based analysis and modelling. This will enhance a company's ability to not only identify threats in real-time, but also spot long-term security trends and patterns.