The report released today is a twist on the typical cyber security report and focuses on surveying the source of the threat landscape: the attackers themselves.
It revealead more than three-quarters (88%) of hackers can break through cyber security defences and into the systems they target within 12 hours, while 81% say they can identify and take valuable data within another 12 hours, even though the breach may not be discovered for hundreds of days.
The results of this confidential survey of 70 professional hackers and penetration testers at DEFCON, the world’s largest hacking and security conference — will overturn many conventional understandings and sacred cows of the cyber security industry.
>See also: Inside the mind of a state-sponsored hacker
“There is no shortage of cyber security industry reports so we’ve avoided going down the familiar path of compiling data about incidents that have already taken place or highlighting trends and patterns in data breaches — these are clearly the symptoms of a deeper problem,” said Chris Pogue, Nuix’s chief information security officer and a co-author of the Nuix Black Report. “Instead, we have focused on the source of the threat landscape: the attackers themselves.”
By examining the security landscape from the hacker’s perspective, the report has revealed results that are contrary to the conventional understanding of cyber security.
For example, respondents said traditional countermeasures such as firewalls and antivirus almost never slowed them down, but endpoint security technologies were more effective at stopping attacks.
>See also: Another day, another hack: Deutsche Telekom
More than half of respondents changed their methodologies with every target, severely limiting the effectiveness of security defenses based on known files and attacks.
Around one-third of attackers said their target organisations never detected their activities.
“Data breaches take an average of 250–300 days to detect — if they’re detected at all — but most attackers tell us they can break in and steal the target data within 24 hours,” said Pogue. “Organisations need to get much better at detecting and remediating breaches using a combination of people and technology.”