Version 1
: Received: 18 October 2024 / Approved: 21 October 2024 / Online: 21 October 2024 (13:42:35 CEST)
Version 2
: Received: 21 October 2024 / Approved: 23 October 2024 / Online: 24 October 2024 (07:51:12 CEST)
How to cite:
Rahman, A. A Qualitative Study on The Reduction of Dwell Time Exceeding 200 Days. Preprints2024, 2024101609. https://doi.org/10.20944/preprints202410.1609.v1
Rahman, A. A Qualitative Study on The Reduction of Dwell Time Exceeding 200 Days. Preprints 2024, 2024101609. https://doi.org/10.20944/preprints202410.1609.v1
Rahman, A. A Qualitative Study on The Reduction of Dwell Time Exceeding 200 Days. Preprints2024, 2024101609. https://doi.org/10.20944/preprints202410.1609.v1
APA Style
Rahman, A. (2024). A Qualitative Study on The Reduction of Dwell Time Exceeding 200 Days. Preprints. https://doi.org/10.20944/preprints202410.1609.v1
Chicago/Turabian Style
Rahman, A. 2024 "A Qualitative Study on The Reduction of Dwell Time Exceeding 200 Days" Preprints. https://doi.org/10.20944/preprints202410.1609.v1
Abstract
This qualitative study investigates why dwell times, defined as the period between the emergence and detection of a cybersecurity threat, exceed 200 days. By uncovering these insights, U.S. InfoSec professionals can develop strategies to shorten dwell times and mitigate the costs associated with security breaches. The overarching issue is the escalating costs of U.S. cybersecurity breaches, which surged by 10% annually, surpassing $9.48 million per breach in 2023. The duration of dwell time, notably exceeding 200 days, is identified as a critical factor contributing to these costs yet remains poorly understood. This study employed a generic qualitative inquiry (GQI) methodology to explore perceptions surrounding dwell time and its impact on an organization's cybersecurity posture. appraisals, making it pertinent to understanding and addressing cybersecurity breach dwell time. Through interviews with ten seasoned U.S. InfoSec professionals, this study sheds light on their perspectives regarding the duration between threat deployment and detection. The findings highlighted the importance of proactive measures and timely detection in mitigating cybersecurity risks and enhancing organizational resilience against malicious cyber-attacks.
Keywords
cybersecurity dwell time; information security (infosec); qualitative inquiry; protection motivation theory (PMT)
Subject
Computer Science and Mathematics, Security Systems
Copyright:
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.