Organizations should follow the 1:10:60 rule: One minute to detect threats, ten minutes to investigate, and 60 minutes to contain and remediate an incident, endpoint security provider CrowdStrike said in a recent report.
Here at Tomorrow's Technology Today
we are the in that 5 percent because of the tools and policies we have in place!
Some of the study’s notable findings include:
- On the 1:10:60 rule, only 11 percent of respondent organizations can detect an intruder in under one minute, only 9 percent can investigate an incident in 10 minutes, only 33 percent can contain an incident in 60 minutes, and only 5 percent can do all three.
- Intruder detection is the primary IT security focus for only 19 percent of respondents, despite 86 percent seeing one-minute detection as a cybersecurity game-changer for their organization.
- The number who had experienced multiple supply chain attacks doubled from 16 percent to 34 percent in the past 12 months. Concerns surrounding supply chain attacks decreased on a global average from 33 percent in 2018 to 28 percent in 2019.
- The number of organizations paying ransoms to retrieve data encrypted in a software supply chain attack rose from 14 percent to 40 percent.
- An average of 83 percent of respondents believe that nation-state sponsored attacks pose a clear danger to organizations within their country, with the U.S. (84 percent) experiencing the most heightened sense of risk from nation-state threats.
This study was published at the MSSP Alerts blog site. To see the entire story please go to: https://www.msspalert.com/cybersecurity-research/breakout-time-crowdstrike/?utm_medium=email&utm_source=sendpress&utm_campaign
