Finance and retail organisations rate advanced cyber threats as the most serious challenge, yet both sectors struggle to identify attacks inside their networks. Identifying attacks in progress takes financial services firms up to 98 days, while retailers take up to 197 days. Overall, the number of attacks targeting these sectors, with 83% of finance firms and 44% of retailers experiencing more than 50 cyber attacks a month. 

These revelations come from a 2015 study by the Ponemon Institute study sponsored by Arbor Networks. The study also revealed that 58% of financial services firms and 71% of retailers said they are not optimistic about their ability to improve these results in the coming year.

More than half of financial services firms consider distributed denial-of-service (DDoS) attacks as an advanced threat, but only 48% say they are effective in containing DDoS attacks, and only 45% have established threat-sharing agreements to minimise or contain the impact of DDoS attacks.

Among retailers, 64% view technologies that provide intelligence about networks and traffic as most promising at stopping or minimising advance threats, but only 34% have implemented incident response procedures, and only 17% have threat-sharing agreements in place. Half of retail organisations polled consider DDoS attacks as an advanced threat, but only 39% say they are effective in containing DDoS attacks, and only 13% have threat-sharing agreements to minimise or contain the impact of DDoS attacks.

Not surprisingly, one of the main conclusions of the research is the need to make investments to help detect and respond to security incidents more efficiently and accurately. 
The Ponemon Institute surveyed financial services firms and retailers in North America, Europe, the Middle East and Africa.