Dwell-Time Down, Vigilance Up!

Mandiant, the cybersecurity company to be acquired by Google later this year, have released their Mandiant M-Trends 2022 report with some enlightening data.

Focused on whether organizations are detecting threats quicker, Manidiant revealed that the time of compromise until the time of detection has dramatically decreased (in some regions more than others) to a three-week global median dwell time. This is a great improvement and means that all the efforts put into security are taking us in the right direction! 

Unfortunately, 3 weeks of “dwell time” for an intruder is plenty of time to attempt a range of malicious activities. Therefore, with the encouragement this data brings, we need to remain vigilant and continue to find ways to detect compromise and bring that dwell-time right down.

Interestingly, the exploit of vulnerabilities and third-party supply chain compromise accounted for 54% of initial infections. Here are three top tips for securing your company against these common security issues:

  • Patch Vulnerabilities ASAP– Ensure you are keeping all your software/hardware up to date with the latest versions and keep track of known exploits via CISA and/or the Centraleyes Daily Intelligence Reports. Patching vulnerabilities as soon as they are released ensures malicious actors don’t get the chance to exploit your system.
  • Risk Management– Ensure you are aware of and remediating the risks your company takes via a comprehensive risk assessment. Deploying a risk management platform like Centraleyes Automated Risk & Compliance Management will guide you automatically through the process of assessing your risk, determining your actions, remediating any issues and continuing to monitor the process for the future.
  • Incident Response Plan- Being prepared is half the battle. Having a well-tested recovery plan in place will ensure business continuity and minimize impact to your company should something happen. Ensure roles and responsibilities are clearly defined and understood. Your risk management software should provide you with frameworks to guide you through making a recovery plan to get you back up and running as soon as possible in the event of an incident. 

Start Getting Value With
Centraleyes for Free

See for yourself how the Centraleyes platform exceeds anything an old GRC
system does and eliminates the need for manual processes and spreadsheets
to give you immediate value and run a full risk assessment in less than 30 days