According to a recent report by FireEye, EMEA organisations are taking almost six months to detect cyber attacks.
The average time taken to detect a cyber attacker in the network was 175 days, which is an almost 40% increase in the median dwell time from last year, and almost twice as slow as the global average of 101 days.
“It’s disappointing to see median dwell times increasing significantly in EMEA organisations, particularly with the GDPR deadline just around the corner,” said Stuart McKenzie, EMEA VP of Mandiant at FireEye. “However, on the positive side, we’ve seen a growing number of historic threats uncovered this year that have been active for several hundred days. Detecting these long-lasting attacks is obviously a positive development, but it increases the dwell time statistic.”
On a more positive note, though, the report did also show an improvement in internal rather than external breach discovery.
It’s disappointing to see median dwell times increasing significantly in EMEA organisations, particularly with the GDPR deadline just around the corner
– Stuart McKenzie, Vice President Mandiant Consulting, EMEA, FireEye
The report also showed that 56% of organisations which had been victims of a targeted compromise were subsequently targeted again by either the same attack group or a ‘similarly motivated’ one. 49% of FireEye customers who had experienced at least one significant attack were successfully attacked again within the next year.
40% of EMEA organisations which had been affected by a serious breach had multiple significant attacks from multiple groups throughout the year.