You have 60 minutes to respond to a cyber attack
Intel identifies “golden hour” response time, but UK firms take up to three months
A quarter of UK firms fail to realise they've been hacked for more than two weeks after being targeted, according to Intel Security.
The firm also found that once a threat was discovered, 39 per cent of UK IT experts took between a fortnight and three months to actually remove it.
The findings come from a global survey of 700 IT and security professionals conducted by Intel Security and the Enterprise Services Group (ESG), called Tackling Attack Detection and Incident Response.
Raj Samani, CTO at Intel Security, said that IT experts have a "golden hour" in which to detect and fend off a cyber attack, warning that the security industry must close the gap on responding to threats.
"It's worrying to see that companies in the UK and globally are losing out on critical time in the initial onset of an attack," Samani said. "Immediate action is crucial. Hackers don't hang around - as soon as they identify a vulnerability within a corporate network, they will be working to spread this as far as possible throughout the enterprise, wreaking havoc and compromising data along the way."
France was similarly slow to detect advanced cyber threats, with 25 per cent admitting to taking more than a fortnight, while in the US 35 per cent of respondents took at least two weeks to discover a breach.
IT workers in the UK blamed their slow response on a lack of integration between their firms' security tools, with 78 per cent identifying this as an issue.
With hackers usually targeting one vulnerability in a network to spread their malware across the entire business, a failure to sync tools up means IT gain far less insight into problems on their firm's network.
Other issues included 39 per cent of UK respondents citing a need for better analytics to get more visibility into their networks, while 80 per cent pointed to a shortage of security skills.
"Investing in training to ensure the company's security team has the expertise to deal with a threat is crucial," said Samani.
"Meanwhile, automating processes and ensuring security tools are synced across the network is a key way to ensure companies are able to act fast in their golden hour' of an online attack."
Security analytics for your multi-cloud deployments
IBM Security QRadar SIEM solution briefDownload now
Five reasons to move to the cloud
Join the enterprises moving their workloads to the cloudDownload now
Architecting hybrid IT and edge for digital advantage
Why business leaders should consider a hybrid IT strategyDownload now
Six reasons to accelerate remote asset monitoring with AI
How to optimise resources, increase productivity, and grow profit margins with AIDownload now