'Mean blind spot' leaves organisations vulnerable to cyber attack

March 22, 2017, University of Portsmouth
Cyber attacks are becoming more frequent. Credit: University of Portsmouth

New research has identified a 'mean blind spot', which leaves organisations vulnerable to cyber attack – particularly in the months of April and October.

A study by the University of Portsmouth found the length of time between cyber attacks can leave organisations susceptible to further attacks. This 'mean blind spot' is the average interval between the recovery from an existing incident and the occurrence of a new incident.

Dr Benjamin Aziz, senior lecturer from the School of Computing, conducted the research using a community dataset of cyber incidents known as VERIS. The data is collected from a wide range of industries and different types and sizes of organisations.

He said: "Cyber attacks and data breaches are becoming more and more frequent and most companies will have plans for counterattack in place.

"However, the problem arises when you look into organisations' recovery times. If a takes a month to recover from a , but the next incident is a week away, there is a real risk that the subsequent attack can't be tackled because recovery resources will have been deployed to handle the first attack.

"When you layer recovery times on top of each other there is a , where your resources are depleted and is slow. This is when companies are in danger of leaving themselves open to multiple attacks."

‘Mean blind spot’ leaves organisations vulnerable to cyber attack
The blind spot is the average interval between the recovery from an existing incident and the occurrence of a new incident. Credit: University of Portsmouth

In his analysis of VERIS data, Dr Aziz also found that organisations are least prepared to tackle security incidents in the months of April and October.

He said: "This finding is surprising because you'd expect August and December to be the months that companies are unprepared, when staff are most likely to be on holiday. My analysis found that in April and October it took days for companies to recover from an attack, rather than hours.

"This could be due to peeks in attacks being during those months or due to internal reasons, but I'd need to do further analysis to drill down the details."

Dr Aziz hopes his research gives organisations an insight into the resilience of their IT infrastructure, the recovery cost of and the future cost to defend against them.

He said: "I hope the findings will help minimise the threats against cyber attacks in an increasingly digital world. Lots of businesses are prepared to combat one attack, but now they need to prepare for multiple attacks.

"Although our new metric does not identify the cause of an attack or suggest a solution, we hope it can help as objective evidence for IT managers to argue for more organisational support or resources to secure their infrastructure so they are well prepared to combat numerous ."

Explore further: Queen to unveil Britain's new cyber security centre

Related Stories

Recommended for you

Privacy becomes a selling point at tech show

January 7, 2019

Apple is not among the exhibitors at the 2019 Consumer Electronics Show, but that didn't prevent the iPhone maker from sending a message to attendees on a large billboard.

China's Huawei unveils chip for global big data market

January 7, 2019

Huawei Technologies Ltd. showed off a new processor chip for data centers and cloud computing Monday, expanding into new and growing markets despite Western warnings the company might be a security risk.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.