Victims of hacking immediately reveal GDPR violations

Last year, the time elapsed hackers inside networks the organisms that have been breached, before being revealed, has dropped significantly in the Europe. The main reason for this is GDPR.

Her researchers FireEye revealed that the time of their stay hackers in networks, that is, the time from the time of the invasion to its detection has been reduced from 177 to 54 days. This means that within a year it existed 70% reduction.

This conclusion is stated in the FireEye report, Mandiant M-Trends 2020 Report. According to researchers, the most immediate disclosure of violations is due to the GDPR.

According to the GDPR, organizations are revealing some infringement data, is obliged to report it to the competent protection authority data within 72 hours (from the time of detection).

If they do not and do not comply with the legislation, they will be imposed fine. In this way, GDPR has made organizations across Europe focus even more on safety at cyberspace, and yes reveal possible violations much faster than before.

“GDPR pushes organizations to implement new policies and focus on improving incident detection security"Said David Grout, a FireEye executive.

Grout also said that this deadline set by the GDPR has made many organizations (and beyond) IT team) understand the importance of compliance with the law and improve their defense.

The researchers also observed that while the GDPR applies only to the European Union, other organizations around the world that are active or relocating have also been affected data in Europe.

However, one in ten FireEye surveys relate to organizations in which hackers have had access for more than two years. That means they exist hacking groups, often supported by governments, that are very dangerous.

"Some of these organizations are victims of APT [Advanced Persistent Threat] teams that may be hiding for a long time after the initial breach," said Grout.

According to a report by researchers, one of the most common weaknesses exploited by attackers is the absence of multi-factor authentication (MFA) in the business network. Without the MFA, the Criminals stealing passwords can easily gain access to networks.

Multi-factor authentication adds an additional hurdle to hackers while alerting the team security that there may be a problem.

Finally, organizations should regularly check operating systems and software to make sure they are always up to date.