Only 40 per cent of retail and financial organisations feel that they could detect a data breach within a number of days.
According to research by Tripwire of 102 financial organisations and 151 retail organisations in the UK, 25 per cent of breaches go undetected for more than 24 hours, while 44 per cent admitted that their customer data could be better protected.
Speaking to IT Security Guru, Dwayne Melancon, chief technology officer for Tripwire, said he thought that practitioners were “deluded” if they believed they could detect a breach in 2-3 days, when in reality organisations were not detecting breaches at all. “This is a false sense of security and they think that they are better than they are, as even a large organisation can be naive,” he said. “With a two-man IT shop, what does that mean?”
Melancon referred to the Target breach, which he said offered an opportunity to learn from the mistakes made. “Going off the information which has been made available, there was an erosion of trust while Neiman Marcus knew what was going on but did not say; this shows that you should be open and transparent.”
The proposed Data Protection Directive will require notification within 24 hours of a breach occurring; recent research by Trend Micro found that 84 per cent of 850 IT decision makers would need to take steps to become compliant.
Melancon said that there is a fair expectation that organisations provide regular updates, but that this sort of thing often takes weeks or months to do efficiently.
He said: “I think it gets down to being better at security than they are; bought silver bullet boxes that make them secure and what is key for organisations is a leveraging indicator which will help them get better, as well as an established monitoring programme that can detect quickly.
“You can detect quietly and look for changes to the repository and track the environment. It comes down to what is easy and acting before there is too much damage and what the breach looks like.”
The Tripwire research also found that 40 per cent of respondents felt that recent high-profile cardholder breaches had changed the level of attention executives give to security, while 43 per cent of respondents said that PCI DSS was the backbone of their security programme, and 36 per cent said it was relevant to at least half of their security programme.