Organizations getting better at intrusion detection, says Trustwave report

The average number of days it takes an organization to detect a compromise decreased dramatically last year, according to the 2017 Trustwave Global Security Report.

The report claims that the median length of time from intrusion to detection decreased from 80.5 days in 2015 to 49 days in 2016, with values ranging from less than a day to 2,000 days (about five and a half years). For intrusions that are detected internally, the median was 16 days, while the median for externally detected intrusions was 65 days.

North America leads the way

Almost half (49%) of data breaches investigated by Trustwave were in North America. These figures are consistent with both past Trustwave reports and other studies. For instance, Risk Based Security said in February that 47.5% of the world’s data breaches were in the US alone.

North America was followed by the Asia-Pacific region (21%), Europe, the Middle East, and Africa (20%) and Latin America (10%).

In terms of industries, the retail sector was the most breached (22%), followed by the food and beverage sector (20%). Both of these sectors process a large number of payments through point-of-sale (POS) systems, which have been responsible for a number of recent high-profile data breaches.

Incidents affecting sales tills and payment systems increased by 31% in 2016, while breaches involving e-commerce environments fell from 38% to 26%. Commenting on those figures, Andrew Komarov, chief intelligence officer at InfoArmor, told The Register:

The number of point-of-sale breaches and network intrusion attempts against retailers is rapidly growing. The US is one of the most affected geographies […] because of the scale of its retail economy with over 15 million point-of-sale terminals, and huge penetration of IT in it.

Protect your POS systems

With the number of successful attacks on POS rising, it’s important to make sure you have effective measures in place to protect your payment systems. Ideally, this begins by creating a number of policies aligned with the PCI DSS.

Documenting your policies on these topics shows your commitment to protecting sensitive information, and it’s also a key requirement for PCI compliance.

To help you create these policies, we offer a PCI Documentation Toolkit. It provides PCI-compliant tools and enables you to create your documentation quickly and easily, so you can produce a robust system to protect your payment card data.

Find out more about the PCI Documentation Toolkit >>

Take a free trial >>