Companies Doing Poor Job of Detecting Data Breaches

Companies Doing Poor Job of Detecting Data Breaches

February 26, 2015         Written By John H. Oldshue

A report released Tuesday shows companies may not have the security systems in place to detect data breaches when they occur. As a result, over two-thirds of data breaches last year were detected by outside sources, not the company itself.

FireEye’s annual M-Trends report showed 69% of breached organizations which it worked with in 2014 were alerted to these breaches by an “outside entity.” That figure has increased from the 63% in 2012.

The report, entitled “M-Trends 2015: A View from the Front Lines,” showed fewer companies are detecting their security breaches. In 2014, only 31% of the companies discovered they were breached using their own resources compared to 33% in 2013 and 37% in 2012.

On a positive note, the time it takes to discover a breach is on the decline. The average time decreased from 243 days in 2012 to 205 days in 2014.

78% of observed phishing emails were IT or security related, usually attempting to impersonate the targeted company’s IT department or an anti-virus vendor. This was up significantly from 44% in 2013.

According to the report, an absence of basic security protocols, such as two-factor authentication, are prevalent in many of these breaches.

The information contained within this article was accurate as of February 26, 2015. For up-to-date
information on any of the terms, cards or offers mentioned above, visit the issuer's website.


About John H. Oldshue

John Oldshue is the creator of He worked for over 15 years in television and won an Emmy award for his reporting. He covers credit card rate issues for
View all posts by John H. Oldshue