Majority of businesses already impacted by cloud cyber attack by the time it is investigated

If you’re in DFIR, does the move to cloud and/or containerisation make your job a lot more difficult?..:

Some 89% of companies have experienced a negative outcome in the time between detection and investigation of a cyber attack on their cloud environments, new research has found.

Cado Security has released research from ESG, which revealed that it takes an average of 3.1 days to begin an investigation of a known cloud breach after data capture and processing.

Based on a survey of 150 security professionals, Organizations Demand a New Approach to Digital Forensics examined the challenges and current maturity level of digital forensics and incident response of cyber-attacks on cloud environments. It found that organisations are approximately 4x more likely to say both their cloud DFIR capabilities are less mature and cloud investigations are harder to conduct relative to traditional environments.

[…]

Original article