M-Trends EMEA drills down into the statistics collected during investigations conducted in EMEA by Mandiant’s consultants in 2015 and details the main cyber trends and tactics threat actors used to compromise businesses and steal data.
According to the report, organisations in EMEA took three times longer to detect a compromise. the mean dwell time (time between compromise and detection) in the region was 469 days versus a global average of 146 days.
Also, EMEA businesses cannot rely on local agencies to receive a notification of compromise. Only 12% of the observed compromises of organisations in EMEA were detected by an external source. This is a huge disparity with global figures, where external sources accounted for 53% of detections globally. Whilst, through necessity, EMEA organisations discovered breaches themselves 88% of the time, EMEA average dwell time would suggest this often came too late.
Mandiant consultants found many EMEA organisations still opting for a traditional forensic methodology, only analysing a handful of machines, and subsequently increasing the risk of becoming re-compromised.
Bill Hau, VP of Mandiant Security Consulting Services, FireEye, said the fact that some EMEA governments are at various levels of maturity with their national CERT or local law enforcement mandate has resulted in businesses being under tremendous pressure to detect threats themselves.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now