Small and medium-sized businesses lack the IT staff needed to run comprehensive security detection and response, according to Infocyte.
True North Networks Blog
Cybersecurity: Malware lingers in SMBs for an average of 800 days before discovery
Dwell time for attacks including ransomware was much lower, averaging 43 days between the infection of the initial Trojan (often Trickbot or Emotet) and remediation, due to how the ransomware informs its victims, the report noted.
Some 72% of inspected SMB networks found riskware and unwanted applications in their environment that took longer than 90 days to remove, Infocyte found. While riskware is generally a lower risk than other attacks, networks that fail to control riskware also tend to be less ready to respond to high-priority threats once they are uncovered, according to the report.
"Infocyte's findings should be a wake-up call for SMBs that are overly confident in their organization's cybersecurity posture. The reality is that many lack the resources, technology, expertise, and visibility to protect their organizations, let alone their customers' and partners' data. The long dwell times reported by Infocyte indicate SMBs are at a higher risk of compromise than their larger enterprise counterparts," Aaron Sherrill, senior analyst at 451 Research, said in a press release. "While modern cybersecurity threats that evade legacy preventative and detection tools are a growing security gap for SMBs, many are unable to remediate the threats they do know about in a reasonable timeframe."