Intelligent cyber hackers are infiltrating online domains, exposing masses of customer data and remaining undetected for months, such as the recent GoDaddy data breach of over 12 million users data reveals.

Martin Riley, director of Managed Security Services, Bridewell Consulting, argues that security teams must revaluate and modernise their cyber strategies to focus on threat detection and response, in order to get ahead of cyber criminals to prevent expensive recovery. Please find a full comment included below should you be writing any stories on the recent attack:

"It’s no surprise that the GoDaddy breach took over two months to be identified – though this is better than the 270 day average cited by the Ponemon data breach report . The breach of 1.2 million customer accounts is going to be expensive in terms of the total cost of ownership from detection to recovery. The report highlights that a managed hosting service operating legacy code was the root cause for the breach, which suggests that there are very technical controls around vulnerabilities and monitoring within these areas of GoDaddy’s architecture.

Once the incident has been addressed, the key learning for GoDaddy is to increase focus on threat detection and response, which increases visibility for the security operations teams. By leveraging services such as Managed Detection and Response (MDR), technology can be deployed to improve detection, containment and eradication of threats within hours and minutes, not days and weeks. The Ponemon report suggests that there is a cost of $175 for each customer PII record breached, equating to a potential total cost to GoDaddy of $280 million. I think it’s safe to say an improved security operations strategy would have a much smaller price tag."