Companies Doing Poor Job of Detecting Data Breaches

February 26, 2015, Written By John H. Oldshue

A report released Tuesday shows companies may not have the security systems in place to detect data breaches when they occur. As a result, over two-thirds of data breaches last year were detected by outside sources, not the company itself.

FireEye’s annual M-Trends report showed 69% of breached organizations which it worked with in 2014 were alerted to these breaches by an “outside entity.” That figure has increased from the 63% in 2012.

The report, entitled “M-Trends 2015: A View from the Front Lines,” showed fewer companies are detecting their security breaches. In 2014, only 31% of the companies discovered they were breached using their own resources compared to 33% in 2013 and 37% in 2012.

On a positive note, the time it takes to discover a breach is on the decline. The average time decreased from 243 days in 2012 to 205 days in 2014.

78% of observed phishing emails were IT or security related, usually attempting to impersonate the targeted company’s IT department or an anti-virus vendor. This was up significantly from 44% in 2013.

According to the report, an absence of basic security protocols, such as two-factor authentication, are prevalent in many of these breaches.

The information contained within this article was accurate as of February 26, 2015. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.