Tuesday, September 29, 2015

No Average Breach Timeline

Over at the Verizon Security Blog, I just published a  new post: Incident Discovery and Containment : Average is Over.  In it I explain a little bit about discovery and containment times of incidents and breaches in the DBIR.  One big caveat, this isn't just criminal orgs installing malware or nation-state espionage.  They also include common mistakes and misuse.  (For example, if you just look at Cyber-Espionage pattern breaches, you find that the median days to discovery is 120 days.)