Five days is all a knowledgeable threat actor needs to inflict considerable harm on an organization and put IT and IT Security in turmoil. Dwell Time represents a proactive security philosophy and culture that drives unified change across all security operations to achieve a common objective. Unfortunately, most organizations as well as security service providers are falling down when it comes to actually operating by this philosophy. As a consequence, estimates suggest Dwell Times for many organizations to be upwards of 191 days.
Organizations and service providers that drive toward operations centered around Dwell Time – architectures, policies and processes – have an opportunity to make meaningful enhancements to their security posture and maximize the investments made in their current security programs.
1. “Ponemon Institute’s 2017 Cost of Data Breach Study – United States,” Ponemon Institute – June 13, 2017
2. “Why Dwell Time Continues to Plague Organizations,” Crowdstrike – May 10, 2017
3. “M-TRENDS®: A View From the Front Lines 2017,” Mandiant/FireEye – 2017
4. “Incident Response Automation and Orchestration,” Jon Oltsik, ESG –
September 29, 2016
5. “Cyber Dwell Time and Lateral Movement The New Cybersecurity Blueprint,” Raytheon and Websense – 2015
6. “Dwell Time: THE KEY SECURITY METRIC EVERY COMPANY FEARS,” Armor – October, 2015
7. “Using Metrics to Mature Incident Response Capabilities,” Mandiant/FireEye –
April 9, 2014