It’s getting harder for organizations to spot when they’ve been breached, despite the average time taken to detect an incursion dropping to 205 days, according to the latest annual M-Trends report from FireEye.

Drawing on the past 12 months’ worth of investigations from the Mandiant team, the report revealed that less than a third (31%) of organizations discovered an internal breach themselves last year, with 69% notified by a third party.

Yet the median number of days hackers were present on the network before discovery dropped from 243 in 2012 to 229 in 2013, and went down again last year to 205 days.

Interestingly, when it comes to the phishing attacks that so often start a major targeted incursion, Mandiant found that the vast majority (78%) were IT or security related. That is, the messages were spoofed to appear as if they came from the victim company’s IT department or…