Have we been hit by hackers? No idea, CIOs admit

Current security practices mean data breaches can take six months to detect, warns a new survey.
Written by Danny Palmer, Senior Writer on

85 percent of CIOs admitted their cybersecurity strategy is reactive rather than proactive.

Image: Getty

The vast majority of organisations are failing to take a proactive approach to defending their data against cyber attacks and are only reacting once they've been breached -- and in some instances, it can take up to six months to even figure out an incident has occurred.

That's according to a survey of CIOs by endpoint security software firm Carbon Black, which suggests there's a disconnect between the pressure to proactively prevent, detect ,and respond to security threats and the reality of how incidents are actually discovered and resolved.

When asked if they'd agree with the statement, 'While we aim to have a proactive approach to hunting out threats, the reality is that we are more reactive, dealing with them as they happen', 85 percent of CIOs surveyed admitted that, yes, their organisation's cyber defences are more reactive than proactive, waiting until after a breach in order to take proper defensive action.

But worryingly, the survey found that even when forced to react in the aftermath of a malicious attack, only half of CIOs believe that they'd be 100 percent confident in knowing what systems and data had been affected, and how, within 24 hours of a breach.

According to the Carbon Black survey, organisations believe it would take an average of two whole months to actually uncover that a breach has occurred.

When asked, 'Do you worry that if you were breached it would take a long time to find out it had happened, or worse that you may be breached without realising?', a quarter of CIOs said they were concerned that if they were breached, it could take one or two weeks to detect.

Another 15 percent said it could take up to a month to detect a breach, 18 percent said it could take up to three months, while 14 percent said it could take up to half a year. By that time, it's likely large amounts of damage will have been done.

According to Ben Johnson, co-founder of Carbon Black, if companies just sit back and wait to react to cyber attacks, rather than taking initiatives themselves, they're leaving themselves in danger.

"Hackers today are determined, sophisticated, and well-funded -- sitting and waiting for them to make a mistake and expose themselves is not an effective strategy," he says

Ultimately, Johnson argues, organisations remain vulnerable to attack because security practices can still be stuck in the past, rather than equipped to deal with the tactics and practices of modern cyber criminals.

"Digital businesses are more open and accessible than ever before, as we are all constantly connected to the internet. As such, our security perimeter is no longer the network, but the endpoints we use to connect -- which are multiplying in number and range every day. However, while the nature of the threats we face is changing, our approach to security is yet to catch up," he explains.

According to Johnson, greater collaboration between businesses would provide a significant advantage in the fight against cybercrime.

"The next generation of security needs to use collective intelligence of thousands of users, share knowledge and patterns of attack behaviors across a community. We all have the same goal, to hit back against the bad guys, so we need to unite to do this more effectively," Johnson concludes.

Carbon Black's survey was carried out by research firm Vanson Bourne and involved questioning 200 CIOs at UK businesses with more than 1,000 employees across multiple industry sectors.

More on cybersecurity

Editorial standards