A report from the Ponemon Institute and IBM has put dwell time, the time from when an adversary gains access to when an organization identifies the breach, at 191 days, and State Department Acting CIO Rob Turk says it should be closer to zero.
Turk commented on the metric to a panel at the 2018 CFO/CIO Summit hosted by the Association of Government Accountants and the Association for Federal Information Resources Management. “If you’re doing your work and you’re preventing things from getting into your organization, then guess what, your dwell time is near zero or at zero,” he said.
The report found that dwell time was 191 days in 2017, down from 201 days in 2016. The Cost of Data Breach Study also found that the global average cost of a data breach is down 10 percent over previous years to $3.62 million.
Dwell time is not currently a measurable cybersecurity metric for federal agencies, but Turk suggested at the summit that it should be.
The study also found that global data breaches cost the most within the health industry and that malicious attacks are the most expensive type of data breach. It found that the cost of data breaches is impacted by a range of factors, including the use of an incident response team and extensive use of encryption.
It also found that post-data-breach response costs are highest in the US and Middle East. It says: “The costs associated with ex post response and detection in the United States were $1.56 million and $1.43 million in the Middle East, as shown in Figure 16. Ex post costs include help desk activities, inbound communications, special investigative activities, remediation, legal expenditures, product discounts, identity protection services and regulatory interventions.”
The study also identified that dwell time can have a big impact on costs – the shorter the dwell time, the less costly the data breach is likely to be.