Organizations around the world take on average more than two business days to respond to a cyber-attack, according to new research by American cybersecurity company Deep Instinct.
The finding was published in the company’s second bi-annual Voice of SecOps Report, which was based on a survey of 1,500 senior cybersecurity professionals in 11 countries who work for businesses with more than 1,000 employees and annual revenue north of $500m.
The survey revealed the average global response time to a cyber-assault to be 20.09 hours. Companies within the financial sector were faster to respond, taking on average 16 hours to react.
Larger companies also answered threats faster, clocking up an average response time of 15 hours. Smaller companies were found to be slower at responding, taking an average of 25 hours to make their move.
Other key findings in the report were that only 1% of those surveyed believed that every single one of their endpoints was installed with at least one security agent.
Just over a quarter (26%) cited “complexity” as the main thing impeding their ability to install more endpoint security agents. Others listed as key concerns the time it takes to investigate threats (39%) and a shortage of qualified SecOps staff (35%).
Nearly one-third of survey respondents hold the belief that the biggest challenge regarding deploying endpoint agents is the cloud. Files stored in the cloud were an unchecked vulnerability for 80% of respondents, while 68% were worried that their colleagues would accidentally upload malicious files.
The attack vector those surveyed were most concerned about was hidden persistence. This cyber-attack, where threat actors lurk in systems for prolonged periods without detection, was the biggest fear of 40% of respondents.
“The survey findings shed light on the multiple challenges that security teams face on a daily basis and provide insights into the serious needs that the industry needs to address,” said Guy Caspi, CEO of Deep Instinct.
“This research exposes gaps in organizations’ security posture, including a lack of full coverage on the endpoint, exposure in cloud storage, and malicious file uploads by internal sources into production systems.”