Key findings from the survey of 102 financial services organizations and 151 retail organizations in the UK include:
- 65 percent of both financial and retail organizations would need between one to three days to detect a data breach on critical systems.
- 49 percent of financial respondents said that the Payment Card Industry (PCI) data security standard is the backbone of their security programs, compared with just 39 percent of retail respondents.
- 44 percent of financial respondents are unsure if their security controls would prevent the loss of customer data in the event of a data breach, compared to 38 percent of the retail respondents.
Melancon continued: “The majority of the organizations who responded said they could detect a breach of critical systems within one to three days. This is inconsistent with historical data that says most breaches go undiscovered for weeks, months or even longer. This survey data suggests that most organizations have a rose-colored view of their own capabilities when it comes to breach detection and response.”
Other findings reveal:
- 45 percent of respondents from financial services firms said that recent breaches have not changed the level of attention executives give to security, compared to 37 percent of retail respondents.
- Only 18 percent of financial respondents said their organization had already suffered a data breach that compromised customer data, compared to 28 percent of the retail respondents.