When a company's network is breached, chances are it's the last to know. Well, the customers are probably the very last to know, but most companies don't find out they've been breached until they hear it from law enforcement, according to Kevin Mandia, CEO of information security firm Mandiant.

Testifying before the House Intelligence Committee Tuesday, Mandia said that in 48 of the last 50 forensic investigations his firm has done, the company involved found out about a breach from the FBI or other law enforcement agency, reports Mathew Schwartz at InformationWeek. In the late 1990s, businesses were better at detecting breaches, but by 2004 only one-fifth of companies detected a breach, Mandia said. Now, only 4 percent detect breaches.

Hackers are using advanced attacks against businesses more often, and they have become adept at going after targets by using botnets launched from legitimate networks that were compromised. They have also become more sophisticated about circumventing security defenses, Mandia told lawmakers. Law enforcement, particularly the FBI, is better able to detect breaches because it is focused on criminal activity and threats, as are military and intelligence offices.

It would help business defend themselves if they received the threat data that the government collects, but that kind of information-sharing is not widespread. "This stuff is overprotected. It is far easier to learn about physical threats to the U.S. from U.S. government agencies than it is to learn about cyber threats," Michael Hayden, a former director of both the CIA and NSA, told the committee.

For more:
- see Mathew Schwartz's article at InformationWeek

Related Articles:
Is your partner's network your weak link?
Banks replace SecurID tokens
Honda hit with class action lawsuit after data breach
Verizon: Data breaches soared in 2010