Organizations are more quickly detecting attackers in their networks and systems, but the majority of attacks are still being found by third parties and not by internal security groups.
In 2019, companies needed 56 days, on average, to detect an attacker in their networks, down from 78 days in 2018, FireEye Mandiant stated in its “M-Trends 2020” report, out today. While the improvement is partially due to companies spending more effort and resources on detecting threats and responding to incidents, much of the impetus to improve is due to a second trend identified in the report: Attackers are more quickly taking action once inside a victim’s network, and often the action is destructive, says Charles Carmakal, vice president of consulting and chief technology officer at FireEye Mandiant.
