Responsive automation makes it possible to shorten time to detection and accelerate response by automating processes that typically require a skilled security analyst. For my money, there are few better examples of the value of responsive automation than the threat of cryptojacking malware.
Cryptojacking malware infects a system with the goal of generating Bitcoins using the victim’s machines. Once the infection takes hold, the malware saps compute resources and bogs down critical servers, using an average of 25% of an endpoint’s processing power. What’s more, generating a single Bitcoin can cost the victim nearly $10,000 in energy costs alone. While an increased power bill and slowed machines might set off alarm bells, many organizations would struggle to identify and remediate the threat on that information alone.
In fact, it takes an average of 206 days1 for a business to detect a breach, a credit to the skilled nature of attackers able to hide their attack in plain sight. This means a successful infection that occurred on January 1st, wouldn’t be discovered until mid-July! For smaller organizations, the problem is even worse, with average time to detection taking nearly 800 days.2 It should come as no surprise that only 39% of businesses feel they are highly effective at detecting threats. Sadly, in the case of midsize businesses most infections aren’t detected by the victim at all, but by a 3rd party who discovers the fallout through other means.
Even once detected, responding and recovering from the threat poses another challenge. The average attack takes 73 days to be fully repaired.1 Responding to threats in a timely fashion can be the difference between a quick fix and a major security incident.
Without the right secur ..
Support the originator by clicking the read the rest link below.
