It Takes Most Companies Multiple Months to Discover a Cybersecurity Breach, Report Reveals

A new security survey from Accenture found that in the past 12 months, roughly one in three targeted attacks resulted in an actual security breach, which equates to three effective attacks per month for the average Canadian company.

Yet two-thirds of Canadians surveyed are confident in their ability to protect their enterprises from cyberattacks.

The report, titled “Building Confidence: Facing the Cybersecurity Conundrum,” reveals that the length of time taken to detect these security breaches often compounds the problem, as more than half of Canadian executives disclose that it takes months to detect sophisticated breaches, and as many as a third of all successful breaches are not discovered at all by the security team.

“Cyberattacks are a constant operational reality across every industry today and our survey reveals that catching criminal behavior requires more than the best practices and perspectives of the past,” said Russell Thomas, Canadian cybersecurity lead for Accenture. “There needs to be a fundamentally different approach to security protection starting with identifying and prioritizing key company assets across the entire value chain.”

While Canadian survey respondents say internal breaches have the greatest impact, 62 percent prioritize heightened capabilities in perimeter-based controls instead of pivoting to address high-impact internal threats. Research findings further show that most Canadian companies do not have effective technology in place to monitor for cyberattacks and are focused on risks and outcomes that have not kept pace with the threat.

“It is clear that the need for organizations to take a comprehensive end-to-end approach to digital security—one that integrates cyber defense deeply into the enterprise—has never been greater.”

Most Companies Not Doing Enough to Address Cloud Security, Study Says