Speed can be critical in preventing data loss, yet UK businesses have estimated that it takes an average of nine hours to spot unusual activity on their organisation’s network. That is according to new research from Clearswift.
UK firms are the slowest off the mark, coming in two hours behind their US counterparts, who take seven hours to identify abnormal activity, and one hour slower than German businesses, who take an average of eight hours. The UK takes almost double the time it takes for firms in Australia to respond, who average only five hours until they identify something may be wrong. The research asked 500 security people worldwide to estimate the time it took them to spot unusual network activity. The research was by technology research firm Loudhouse on behalf of Clearswift. Over 500 IT decision-makers and 4000 employees were polled to gauge the level of threat from insiders.
These figures are particularly worrying in the wake of a flurry of high profile cyber breaches in the UK already this year particularly when put in the context of the potential damage that could be done in a matter of minutes, let alone hours. With UK firms lagging over two hours behind those in the US it is estimated that 280,000 documents could be accessed and stolen in this additional reaction time. (Those 280,000 documents in two hours is based on a business line bandwidth (100Mbit), which equates to a theoretical maximum of around 45+GB / hour and average document size taken to be 321kb.)
Dr Guy Bunker, SVP at Clearswift said: “Cyber attacks by unscrupulous individuals are becoming a major problem and it’s time for the UK to wake up to this fact. Speed holds the key and when it comes to speed of response, firms need to think in minutes not hours, constantly striving for better. Better still, organisations need to take a proactive stance. It is unfortunately a ‘when’ not an ‘if’ scenario.”
Threats can be borne both internally and externally, with both needing to be treated just as seriously, the IT security product company says. Despite this, just 14pc of respondents believe until their organisation has experienced a serious internal data breach, the issue will never be taken as seriously as the threat of external hackers and little is done to prevent breaches of an insider nature.
“Any security game plan needs to be adaptable and should fit with the industry landscape. New external and internal factors should influence how your organisation obtains, stores, shares and deploys information. These can all affect how information could become vulnerable, and where the next threat is coming from,” added Dr Bunker.
To help identify potential insider threat mechanisms, Clearswift has developed the ‘Regional Risky Business Christmas Challenge’, at www.regionalriskybusiness.com, a festive game.
