Expand chart
Reproduced from FireEye's M-Trends report; Chart: Axios Visuals

Organizations are closing the skills and preparedness gap between hackers and themselves, improving a picture that's all too often painted as grim. That means we — at least those of us in the Western Hemisphere — are getting pretty good at cybersecurity, according to the latest numbers from one of the largest cybersecurity firms.

The bottom line: “It’s strange to hear, but things are actually getting better,” said Charles Carmakal, vice president at Mandiant, which released its yearly report yesterday.

The big picture: In a report that contains plenty of potentially alarming material, including multiple sections on the growing Iranian threat, Carmakal said its most important statistics are those on who first noticed data breaches and how they did it.

For all the high profile coverage of massive, often careless breaches, there’s reason to think defenders are outpacing attackers.

The details:

  • 64% of North and South American breaches investigated by FireEye are detected by the victim rather than by a third party (like law enforcement).
  • That’s a sizable improvement over 2011, when only 6% were detected internally.
  • This year was also an improvement over 2016, when 53% of breaches were detected by the victim.
  • “There is absolutely an improvement in organizational capability,” said Carmakal.

Why it matters: Who notices hackers makes a big difference in how fast the hackers get caught. Internal detection is much faster, so hackers are in systems for less time than they used to be. In the U.S., it’s a threefold difference.

  • The worldwide median dwell time — the time hackers can spend in a system without being caught — is only a quarter of what it was in 2011, but roughly the same as last year.
  • According to the report, median dwell time is lower in the Americas: 75.5 days, compared to 175 days in the European, Middle Eastern and African markets, and 498 in Asia Pacific markets.

Go deeper

Updated 8 mins ago - Health

U.S. daily coronavirus cases top 50,000 for first time

A medical technologist processes test samples for the coronavirus at a lab in Tampa, Florida, on June 25. Photo: Octavio Jones/Getty Images

A record 50,655 tested positive for the novel coronavirus in the United States on Wednesday, Johns Hopkins data shows.

By the numbers: Per Johns Hopkins, almost 2.7 million people had tested positive for COVID-19 from more than 32.8 million tests in the U.S. as of Thursday morning. Over 128,000 Americans have died from the virus.

Updated 2 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of midnight ET: 10,667,217 — Total deaths: 515,646 — Total recoveries — 5,464,367Map.
  2. U.S.: Total confirmed cases as of midnight ET: 2,685,806 — Total deaths: 128,061 — Total recoveries: 729,994 — Total tested: 32,827,359Map.
  3. Federal government: Trump says he still thinks coronavirus will "just disappear" at some point, supports another round of direct payments to Americans.
  4. Public health: Thanks to coronavirus, your home is now your gymFormer FDA chief says 500,000 Americans may be contracting coronavirus a day.
  5. States: Georgia and Arizona report record new coronavirus cases — California shuts down bars and indoor dining for most residents.
  6. 1 ⚽️ thing: 6 players test positive for coronavirus before MLS comeback tournament.
Updated 3 hours ago - Politics & Policy

Biden outraises Trump again with record $141 million June haul

Democratic presidential candidate and former Vice President Joe Biden at Philadelphia City Hall in Pennsylvania in June. Photo: Jim Watson/AFP via Getty Images

Former Vice President Joe Biden and the Democratic Party raised $141 million in June, his campaign announced on Wednesday night.

Why it matters: It's the most the presumptive Democratic presidential nominee has raised in a month. It's also more than the record $131 million President Trump's re-election campaign and the Republican National Committee raised last month.