It takes businesses in the EMEA region (Europe, Middle East, Africa) three times longer than businesses elsewhere in the world to detect a breach. Mostly, as they're forced to detect such compromises themselves, instead of having external help.
Those are the general conclusions of the first Mandiant M-Trends EMEA Report. The report, released by security experts FireEye, is based upon the statistics collected during investigations in the region, done by Mandiant’s leading consultants in 2015.
The report says that EMEA businesses need, on average, 469 days to detect a breach. Huge numbers, knowing that globally it takes about 146 days.
FireEye believes another important metric is behind this poor statistic – external sourcing. Just 12 per cent of compromises observed in the report were discovered by an external source, where globally, external sources account for more than half (53 per cent) of spotted breaches.
As businesses look for these breaches themselves, they’re usually tasked with analysing them, as well. They do in using ‘unsuitable techniques’, leading to a failure in understanding the true scope of the breach. Ultimately, they’re keeping themselves vulnerable to a new breach, which frequently happens.
“The majority of organizations need to move away from the traditional methodology of responding to incidents as otherwise the dwell time will not decrease at a fast enough rate,” said Bill Hau, Vice President of Mandiant Security Consulting Services, FireEye.
“This, coupled with the fact that some EMEA governments are at various levels of maturity with their national CERT capabilities / mandate has resulted in businesses being under tremendous pressure to detect threats themselves and, according to our statistics, they simply have not been quick enough to do so. From our observations, there are clearly some stark contrasts between EMEA and the rest of the world, which boardrooms in the region need to address.”
Image source: Shutterstock/wk1003mike