If you think back to the security concerns of 2014 and 2015, the thing that springs to mind is probably data breaches. Target, Home Depot, J.P. Morgan Chase, various restaurants, online stores, hospitals and other retailers seemed to be leaking customer information right and left. Hundreds of millions of people had their information compromised.
This year, ransomware has eclipsed data breaches as the major concern, but they're still happening. However, there is one good piece of news that shows the situation might be improving.
According to the Trustwave Global Security Report, in 2014 only 19% of data breaches were detected by the victims. In other words, a company wouldn't know it was breached until a security researcher or another company noticed.
In 2015, that number jumped to 41%, which means that companies got a lot better at knowing when they were compromised. While it would be better if they avoided data breaches in the first place, it is an improvement.
A company that can spot a data breach is one that can stop it before it goes on too long. According to Trustwave, the average time for a company to detect a data breach internally is 15 days. If the company relies on external detection, the average time is 168 days.
Also, companies that know how to spot breaches are more likely to eventually catch them before they happen. Plus, it trains the employees at that company to spot problems, which means as they move to other companies they'll take that knowledge with them.