A quarter of UK firms fail to realise they've been hacked for more than two weeks after being targeted, according to Intel Security.
The firm also found that once a threat was discovered, 39 per cent of UK IT experts took between a fortnight and three months to actually remove it.
The findings come from a global survey of 700 IT and security professionals conducted by Intel Security and the Enterprise Services Group (ESG), called Tackling Attack Detection and Incident Response.
Raj Samani, CTO at Intel Security, said that IT experts have a "golden hour" in which to detect and fend off a cyber attack, warning that the security industry must close the gap on responding to threats.
"It's worrying to see that companies in the UK and globally are losing out on critical time in the initial onset of an attack," Samani said. "Immediate action is crucial. Hackers don't hang around - as soon as they identify a vulnerability within a corporate network, they will be working to spread this as far as possible throughout the enterprise, wreaking havoc and compromising data along the way."
France was similarly slow to detect advanced cyber threats, with 25 per cent admitting to taking more than a fortnight, while in the US 35 per cent of respondents took at least two weeks to discover a breach.
IT workers in the UK blamed their slow response on a lack of integration between their firms' security tools, with 78 per cent identifying this as an issue.
With hackers usually targeting one vulnerability in a network to spread their malware across the entire business, a failure to sync tools up means IT gain far less insight into problems on their firm's network.
Other issues included 39 per cent of UK respondents citing a need for better analytics to get more visibility into their networks, while 80 per cent pointed to a shortage of security skills.
"Investing in training to ensure the company's security team has the expertise to deal with a threat is crucial," said Samani.
"Meanwhile, automating processes and ensuring security tools are synced across the network is a key way to ensure companies are able to act fast in their golden hour' of an online attack."
‘This shift highlights not just a continuation but a broad acceptance of remote work as the norm’: Software engineers are sticking with remote work and refusing to budge on RTO mandates – and 21% would quit if forced back to the office
Healthcare systems are rife with exploits — and ransomware gangs have noticed
ESET looks to ‘empower’ partners with cybersecurity portfolio updates
