Why Asia-Pacific Lags in Data Breach DetectionFireEye's Rob van der Ende Identifies Shortcomings
Why is the Asia-Pacific region lagging far behind Europe and the United States in detecting data breaches? One reason is that attackers are using tools that make them appear to be legitimate users, which makes unauthorized behavior tough to sort out without sophisticated detection technologies, says Rob van der Ende, a vice president at FireEye's Mandiant unit.
"Organizations are not necessarily equipped with the right tools and detection methods to actually identify attacker behavior," van der Ende says in this interview with Information Security Media Group. "It is mostly due to the attackers becoming more and more advanced in the ways that they breach customers' networks."
Mandiant recently issued a detailed M-Trends Report 2016 that, among other things, determined that the median amount of time it takes to discover an attack in the region is 520 days, three times the global median (see Analysis: FireEye Report on APAC Data Breach Challenges).
Data breaches in Asia-Pacific also tend to stay under the radar because most nations in the region lack data breach notification laws, he points out.
In this interview (see audio player below photo), van der Ende also discusses why:
- Companies breached in Asia-Pacific often fail to completely kick out attackers;
- Increased spending doesn't guarantee security;
- Detecting breaches is becoming just as important as trying to prevent them.
van der Ende is senior vice president for Asia-Pacific and Japan with Mandiant, which is FireEye's breach response and investigations unit. He was previously director for cybersecurity and public sector across Asia with Microsoft's enterprise services business and vice president for consulting sales for Oracle in Australia and New Zealand.