Businesses improved cyber incident response times following Log4j, report finds


Dive Brief:

  • Average security response times to cyberattacks improved from 29 days to 19 days between the 2021 and 2022, according to a study released Wednesday from Immersive Labs. 
  • The improvements in response time were largely driven by the Log4j crisis and other high-profile vulnerabilities discovered during the period. The research is based on organizations completing cyber simulations, spanning more than 1.1 million exercises and labs between April 2022 and April 2023.
  • But security teams are largely unprepared to deal with the post-incident recovery, with most of their focus dealing with the earliest stages of an attack, Immersive Labs said.

Dive Insight:

The study examined the level of cyber resilience that companies have adopted in recent years due to the heightened risk environment. 

“What we found is that the number of days between a new threat exercise release and its completion by organizations is decreasing —  meaning organizations are responding to threats more rapidly over time,” Emma Stowell, senior director of data, said via email. 

Stowell said the improvements were likely related to internal incident response changes enacted in response to Log4j, which drove increased awareness of the importance of preparing for new threats

The Apache Log4j vulnerability, originally discovered in December 2021, was considered one of the largest threats to digital security in years. The vulnerability put millions of devices around the world at risk of attack, as unauthenticated hackers could take control by using a simple line of code. 

A report by the Cyber Safety Review Board released in July 2022 showed exploitation took place at much lower rates than expected, but officials warned the vulnerability would take years for a full recovery.



Source link