"Typically, the initial attack to initial compromise – that is how long an attacker is trying to get into an organization before they succeed – in most of these (incidents) it’s relatively short. As we look at industries that are a little bit more opportunistic like the accommodation or healthcare (sectors), we see that as being very, very short. From seconds to minutes, most of them occurring very, very quickly because they’re scanning for a vulnerability and when they find it they exploit it," he added. "As we get into markets that are a little bit more targeted like the financial industry and intellectual property, we’ll see that top line span across the entire line, so they’ll pick a target and then start to try different ways to break-in and that can go well past minutes into hours, days, weeks, months, and in some cases even years."
Jacobs said that one of things that really stood out to him as poured through the results of the data his team collected was the difference between larger and smaller organizations that were attacked. "Every organization that is no the Internet is being attacked, it’s just that the larger organizations have more maturity around their security controls and they’re not going to fall prey to it as much," he said.
In addition, Jacobs said the fact that stolen credentials were used so frequently in cyber intrusions means that companies may want to look into more two-factor authentication solutions, which would make it more difficult to steal and misuse valid credentials.
Jacobs said that going forward, mobile devices will also likely become highly targeted by hackers.
"When we look at the assets that we do see (in the report) they share two qualities; they either hold the data directly or they’re an easy path to the data," he said. "So, the lack of mobile devices in the breaches that we’ve looked at may be an indication that they are not one of those two things yet. As these mobile devices get more integrated into the network, more built into the infrastructure and they start hosting the data, they are going to become a high-value target."