Media releases are provided as is by companies and have not been edited or checked for accuracy. Any queries should be directed to the company itself.
  • 20 November 2019 12:09

CrowdStrike Report Uncovers Organisations Globally Take 162 Hours On Average to Detect and Respond to Breaches

Global research survey discloses companies are challenged with incident detection and response in the wake of rising nation-state and supply chain concerns

CrowdStrike Report Uncovers Organisations Globally Take 162 Hours On Average to Detect and Respond to Breaches Global research survey discloses companies are challenged with incident detection and response in the wake of rising nation-state and supply chain concerns

Sydney, Australia. -– November 20, 2019 – CrowdStrike® Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint protection, today announced the release of the 2019 CrowdStrike Global Security Attitude Survey, produced by independent research firm Vanson Bourne. Commissioned by CrowdStrike, the study surveyed 1,900 senior IT decision-makers and IT security professionals in the U.S., Canada, U.K., Mexico, Middle East, Australia, Germany, Japan, France, India and Singapore across major industry sectors. The report details the attitudes and beliefs of those in charge of cybersecurity, and tracks how they are faring against sophisticated and pervasive cyber attacks.

The survey finds that the process of detecting, triaging, investigating, and containing a cyber incident takes organisations globally on average nearly seven days of working around the clock (totaling 162 hours), with an average of 31 hours to contain a cybersecurity incident once it has been detected and investigated. As a result, the majority of respondents (80%) report that in the past 12 months, they have been unable to prevent intruders on their networks from accessing their targeted data, with 44% pointing to slow detection as the cause.

According to the findings, organisations from major industry verticals around the globe are significantly underprepared to address breakout time. Breakout time is the critical window between when an intruder compromises the first machine and when they can move laterally to other systems on the network. Forward-leaning organisations should look to follow the 1:10:60 rule: One minute to detect threats, ten minutes to investigate, and 60 minutes to contain and remediate an incident. Some of the most notable report findings include:

● Currently, 95% of respondents fall short of meeting the three time standards.

● Only 11% of respondent organisations can detect an intruder in under one minute, only 9% can investigate an incident in 10 minutes, only 33% can contain an incident in 60 minutes, and only 5% can do all three.

● Intruder detection is the primary IT security focus for only 19% of respondents, despite 86% seeing one-minute detection as a cybersecurity “game-changer” for their organisation.

Organisations’ concerns about different types of attacks also differ across the report. Notable findings include:

● The rise in the number of those who had experienced multiple supply chain attacks, including within the past year – this number doubled from 16 % to 34%. Yet, concerns surrounding supply chain attacks decreased on a global average from 33% in 2018 to 28% in 2019.

● In the same vein, the number of organisations paying ransoms to retrieve data encrypted in a software supply chain attack also more than doubled from 14% to 40%. The report indicates that over 50% of the food and beverage, hospitality, and entertainment and media industries have paid ransoms in the past 12 months in order to recover data encrypted in a software supply chain attack.

● An average of 83% of respondents believe that nation-state sponsored attacks pose a clear danger to organisations within their country, with India (97%), Singapore (92%) and the U.S. (84%) experiencing the most heightened sense of risk from nation-state threats.

“Organisations are challenged to achieve the kind of speed required to match sophisticated nation-state and eCrime adversaries known to be targeting organisations, from governments to enterprises,” said Thomas Etheridge, vice president of CrowdStrike Services. “There is still a significant reliance on legacy infrastructure that does not address security for today’s organisations from a holistic standpoint to stop breaches. Forward-leaning companies must embrace the cloud for endpoint security to give their teams comprehensive visibility and crowdsourced protection to address effectively a full range of security and operational needs.”

For additional information, please download the 2019 CrowdStrike Global Security Attitude Survey. You can also read a blog from CrowdStrike’s Thomas Etheridge.

About CrowdStrike CrowdStrike® Inc. (Nasdaq: CRWD), a global cybersecurity leader, is redefining security for the cloud era with an endpoint protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon correlates over two trillion endpoint-related events per week in real time from across the globe, fueling one of the world’s most advanced data platforms for security.

With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.

There’s only one thing to remember about CrowdStrike: We stop breaches.

Qualifying organisations can gain full access to Falcon Prevent™ by starting a free trial.

Learn more: Follow us: Blog | Twitter

© 2019 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.

About Vanson Bourne Vanson Bourne is an independent specialist in market research for the technology sector. Their reputation for robust and credible research-based analysis is founded upon rigorous research principles and their ability to seek the opinions of senior decision makers across technical and business functions, in all business sectors and all major markets. For more information, visit Notes to editors To arrange an interview with Michael Sentonas, Vice President, Technology Strategy at CrowdStrike, please contact: Megan Guthrie| | 0407 464 121

Submit a media release

Editor's Recommendations

Brand Page


View all events Submit your own security event

Latest Videos

More videos

Blog Posts

Media Release

More media release