2, 10, 75.
This numerical trifecta was dropped at a recent cybersecurity conference. What’s it mean?
Prepare for a shock to the system:
2 hours: Average time a cyber hacker “lives off the land” after infiltrating a device, learning as much as they can – accessing passwords, trying out tools, poring through caches, files, and local databases. After this initial fact-finding spree, they hang out undetected for days, weeks, or, more typically…
10 months: Average time it takes to detect such a breach, in which time the hacker’s been disrupting your operations and stealing your data.
75 days: Average time it takes after discovering the breach to fully contain it.
Run that math. On average, more than a year passes from the time an attacker gets into a network until the matter is securely resolved. However, those first two hours are the most critical, for two reasons: The damage that can be done in that time, and the fact that hackers who aren’t detected in that short two-hour window are likely to be there awhile.
Why Not Sooner?
According to Security Magazine, a cyberattack takes place every 39 seconds – this despite popular cyber defense technology products and extensive security training within most businesses. Every 39 seconds, a hacker makes their way into a network or device and is statistically likely hang out for almost a year before being detected.
The million-dollar question we hear all the time: Why don’t all those cyber defense products and preventions sound the alarm?
They do – but it’s part of the problem. Most defense products have a tendency to sound false alarms that users then disregard, or that compel them to discontinue use of defense products altogether.
As such, cyber defense products are rarely the means by which users discover that a network has been jeopardized. This honor, in most cases, belongs to the hackers themselves. Most eventually crow about an attack on your company website, on a staff Slack channel, or by sending an email, often demanding ransom.
Finally, A Reliable Early Detection Tool
This grim detection reality is the driving force behind Velaspan’s newest service. Active Cyber Engagement (ACE for short) flags infiltrators immediately via reliable early detection alerts that users like you pay attention to because they rarely, if ever, sound false alarms.
ACE is a complete solution for early detection that is designed to fit right into your security posture. You get speedy detection of breaches and ransomware plus protection from zero-day and insider attacks. You gain the capability to engage with attackers in real time. Better yet, all of this comes without the burden of buying hardware, hiring staff, or even training your team. ACE fits right into your existing security workflow. Also, if you’re small enough to have just a firewall and antivirus, ACE could be just the thing to begin improving your cyber security.
Ready to harness the early detection power of Velaspan Active Cyber Engagement – without adding staff or learning a new tool? Drop us a line.