The time that it takes for an organization to determine that they’ve become a victim of a cybercrime can also be critical, as the report found that the average time to resolve a cyberattack is 24 days. However, it can take up to 50 days.
"A lot of people are not acknowledging that they have little to no logging, little to no system monitoring, little to no event correlation. People don’t have the information that they need so how can they be expected to make an informed decision?" asked Beaver "We’ve got to get our arms around some of these information security basics that we’ve all known about for decades. We’ve got to somehow put some controls within our reach and if we do that, I really think we can get this nonsense under control. Probably one of the biggest mistakes I see when it comes to all of this is a lot of businesses’ IT shops try to do it all. The people might not have the skills, time or the tools to do it well. I tell a lot of my client you have to outsource some of this work where you don’t have the core expertise."