When asked how quickly their organizations would detect a data breach, 42 percent of retailers in a recent survey believed it would take 48 hours. Another 18 percent said 72 hours, and 11 percent believed it would take a week. Yet industry research indicates most breaches go undiscovered for weeks, months or even longer.
That's at least according to the sponsor of the study, Tripwire, a provider of security solutions. In a statement, its chief technology officer, Dwayne Melancon, said the survey data "suggests that a lot of retailers are far too hopeful about their own cybersecurity capabilities."
The survey of 154 retailers conducted by Dimensional Research further found that 35 percent of respondents were "very confident," while 47 percent were "somewhat confident" that their security controls could detect rogue applications such as those used to exfiltrate data during data breaches.
But much more concern was detailed in several cybersecurity surveys Tripwire provided:
The retailer survey did find that 70 percent of respondents said that the recent Target breach had affected the level of attention executives give to security in their organizations.
The findings come as another new survey of 750 consumers sponsored by Brunswick Group, a corporate communications firm, found 61 percent of consumers hold retailers responsible for data breaches, not far from the blame placed on criminals (79 percent). Only 34 percent blamed the banks that issue debit and credit cards. About a third (34 percent) said they no longer shop at a specific retailer due to a past data breach issue.
How prepared are retailers, in general, when it comes to detecting and responding to data breaches?