A quarter of UK organisations admit they took more than two weeks to realise they were under cyber attack last year, according to Intel Security research.
The report commissioned by Intel reveals the slow responses to cyber-attacks which are leaving UK enterprises vulnerable to targeted online crime. The study also shows that 39 percent of UK IT staff admitted that a threat, once discovered, took between two weeks and three months to remove and remediate.
UK IT pros said the top three most time consuming incident detection and response tasks were determining the impact and/or scope of a security incident (50 percent), taking action to minimise the impact of an attack (45 percent), and determining which assets, if any, remain vulnerable to a similar type of attack (45 percent).
Raj Samani, EMEA CTO at Intel Security, said: “It’s worrying to see that companies in the UK are losing out on critical time in the initial onset of an attack, when immediate action is crucial. Hackers don’t hang around - as soon as they identify a vulnerability within a corporate network, they will be working to spread this as far as possible throughout the enterprise, wreaking havoc and compromising data along the way.”
Samani said investing in training to ensure the company’s security team has the expertise to deal with a threat is crucial. And automating processes and ensuring security tools are synced across the network is a key way to ensure companies are able to act fast, he added.
The report, which questioned 700 IT pros globally, also found similar security slackness in other countries. In France, 25 percent of IT professionals said their company took at least two weeks to discover an advanced cyber-attack, while in the US the figure rose to 35 percent.
In the UK, 39 percent claimed they were in need of better automated analytics from their security intelligence tools in order to gain real-time and comprehensive security visibility. Beyond a lack of necessary tools, 80 percent in the UK believed their organisation suffered from a shortage of IT security skills amongst staff.
Despite this skills shortage, less than half (40 percent) of UK companies surveyed said they are currently recruiting for new security talent – the lowest number globally. This compares to 78 percent in the US, 73 percent in France and 61 percent in Germany.