New research has identified a ‘mean blind spot’, which leaves organisations vulnerable to cyber attack – particularly in the months of April and October.
A study by the University of Portsmouth found the length of recovery time between cyber attacks can leave organisations susceptible to further attacks. This ‘mean blind spot’ is the average interval between the recovery from an existing incident and the occurrence of a new incident.
Dr Benjamin Aziz, senior lecturer from the School of Computing, conducted the research using a community dataset of cyber incidents known as VERIS. The data is collected from a wide range of industries and different types and sizes of organisations.
He said: “Cyber attacks and data breaches are becoming more and more frequent and most companies will have plans for counterattack in place.
“However, the problem arises when you look into organisations’ recovery times. If a company takes a month to recover from a cyber attack, but the next incident is a week away, there is a real risk that the subsequent attack can’t be tackled because recovery resources will have been deployed to handle the first attack.
“When you layer recovery times on top of each other there is a blind spot, where your resources are depleted and recovery time is slow. This is when companies are in danger of leaving themselves open to multiple attacks.”
A study by the University of Portsmouth found the length of recovery time between cyber attacks can leave organisations susceptible to further attacks. This ‘mean blind spot’ is the average interval between the recovery from an existing incident and the occurrence of a new incident.
Dr Benjamin Aziz, senior lecturer from the School of Computing, conducted the research using a community dataset of cyber incidents known as VERIS. The data is collected from a wide range of industries and different types and sizes of organisations.
He said: “Cyber attacks and data breaches are becoming more and more frequent and most companies will have plans for counterattack in place.
“However, the problem arises when you look into organisations’ recovery times. If a company takes a month to recover from a cyber attack, but the next incident is a week away, there is a real risk that the subsequent attack can’t be tackled because recovery resources will have been deployed to handle the first attack.
“When you layer recovery times on top of each other there is a blind spot, where your resources are depleted and recovery time is slow. This is when companies are in danger of leaving themselves open to multiple attacks.
Filed Under: Industry regulations
