preprints.org > computer science and mathematics > security systems > doi: 10.20944/preprints202410.1609.v2

Preprint Article Version 2 This version is not peer-reviewed

Version 1 : Received: 18 October 2024 / Approved: 21 October 2024 / Online: 21 October 2024 (13:42:35 CEST)
Version 2 : Received: 21 October 2024 / Approved: 23 October 2024 / Online: 24 October 2024 (07:51:12 CEST)

This qualitative study investigates why dwell times, defined as the period between the emergence and detection of a cybersecurity threat, exceed 200 days. By uncovering these insights, U.S. InfoSec professionals can develop strategies to shorten dwell times and mitigate the costs associated with security breaches. The overarching issue is the escalating costs of U.S. cybersecurity breaches, which surged by 10% annually, surpassing $9.48 million per breach in 2023. The duration of dwell time, notably exceeding 200 days, is identified as a critical factor contributing to these costs yet remains poorly understood. This study employed a generic qualitative inquiry (GQI) methodology to explore perceptions surrounding dwell time and its impact on an organization's cybersecurity posture, making it pertinent to understanding and addressing cybersecurity breach dwell time. Through interviews with ten seasoned U.S. InfoSec professionals, this study sheds light on their perspectives regarding the duration between threat deployment and detection. The findings highlighted the importance of proactive measures and timely detection in mitigating cybersecurity risks and enhancing organizational resilience against malicious cyber-attacks.

cybersecurity dwell time; information security (infosec); qualitative inquiry; protection motivation theory (PMT)

Computer Science and Mathematics, Security Systems

* All users must log in before leaving a comment