On average how long does it take for a business to detect a data breach?
In an IBM study in 2019 which looked at 507 companies and interviewed 3211 individuals in companies that had experienced a data breach in the last year, it identified that the average time to identify a breach in 2019 was 206 days. In a similar 2020 IBM study, the average time to identify a breach was 207 days.
I conducted a survey using professionals working in the cybersecurity field. The aim of the survey was to better understand attitudes towards risk that professionals in the field had. As part of this survey, I focussed on how accurately the professionals would be able to estimate how long it took to detect a cybersecurity breach. The results were interesting, a number estimated the average time to a reasonable degree however a significant number overestimated the average detection capability in organisations. It will be interesting to see if this number (average time of breach discovery) stays static or it will move in either direction as organisations mature their cybersecurity capabilities and attackers adapt to cover their tracks better.
The report below is a handy look at some of this breach data.