Although attackers are more persistent than ever, organizations are getting better at detecting breaches – on average discovering the intrusions about a week earlier.

The median time lapse between the beginning of a breach and its detection in 2017 was 57.5 days but in 2018 that gap narrowed to 50.5 days, according to FireEye’s 2019 M-Trends Report.

Those organizations that have been victims of targeted compromise will likely find themselves in the crosshairs again – with 64 percent of FireEye’s managed detected and response customers finding attacked by the same group or one with similar motivations. That’s a 56 percent uptick from 2017.

Also on the rise in 2017 were hidden phishing attacks during mergers and acquisitions. Phishing emails, the report said, appeared to come from a trusted source familiar to recipients.