Professor Paul Rosenzweig
Is cybersecurity improving overall? By at least some measures the answer is a surprising “yes.” This annual report from FireEye gives us at least two reasons to think that trend lines are actually improving:
First, as noted by Joe Uchill of Axios Codebook, the identity of who discovers an intrusion is changing drastically. As recently as 2011, 94 percent of intrusions were discovered and reported by outsiders—law enforcement, customers, or other observers. Today, victim companies discover 64 percent of their own breaches—a significant improvement in self-awareness.
Second, that improvement has consequences. An intruders “dwell time” inside a victim’s system is less than a quarter of what it was in 2011. It’s still too high—median dwell time is 75 days in the U.S., 175 in Europe and more than 490 in Asia—but the fact that it is down is a significant improvement.
This statistically reality is consistent with anecdotal evidence from within the security industry. Increasingly, companies are able to more rapidly identify threats and respond to attacks far more nimbly than they have in the past. Surprising good news in a field that too often is seen as grim …