Cyber  |  Risk Management

Reducing dwell time: a guide for NEDs to strengthen cybersecurity

SHARE
LinkedIn
Twitter
Facebook
Email

As fellow board members and non-executive directors, we bear the ultimate responsibility for safeguarding our organisation’s integrity, reputation, and assets. Understanding and mitigating cyber risks are paramount. Recent trends in cyber-attack dwell time— the length of time that malicious actors spend in a victim environment before being detected —highlight critical concerns. While reported dwell times have decreased from 9 days to 6 days, this metric masks the growing sophistication and speed of artificial intelligence-driven cyber threats.

The evolving cyber threat landscape

The reduction in dwell time is not necessarily a sign of improved defenses but rather an indication of how quickly adversaries can now operate. AI advancements enable quicker and more sophisticated reconnaissance phases and allow for faster interference with backups, preventing data recovery verification. Allowing hackers several days of access to any infrastructure poses significant risks, as the damage they can inflict in mere hours is substantial enough to keep even the most vigilant IT operations teams awake at night.

Reactive vs. proactive cybersecurity

Traditional cyber approaches are reactive and typically respond to incidents after they occur. In a world where cyber threats evolve daily, why should a dwell time of even a single day be considered acceptable? The target should be measured in seconds or minutes, not days or months. More sophisticated attacks can go undetected for extended periods, posing significant risks to any organisation.

Engaging with your information security team

As board members, our role includes ensuring that the organisation adopts a proactive cybersecurity posture. This means fostering a close relationship with the Chief Information Security Officer (CISO) and their team. Here are a few points to consider:

✅ Proactive measures. Challenge your CISO on the measures being taken to reduce dwell times to seconds or minutes. Understanding the technologies and protocols in place can provide assurance that the organisation is not merely reacting to threats but is positioned to pre-empt them.

✅ Cybersecurity is a process that needs to be continuously improved. Encourage continuous monitoring and upgrading of cybersecurity measures. Cyber threats are dynamic; therefore, your defense strategies must evolve accordingly.

✅ Investment in innovation. Advocate for investments in innovative technologies that provide real-time threat detection and response. For example, Cyemptive Technologies’ approach of achieving dwell times in seconds or minutes is a benchmark worth aiming for.

✅ Training and awareness. Promote a culture of cybersecurity awareness within the organisation. Regular training sessions for staff, including the board, can enhance overall vigilance and preparedness.

Concluding comments

As board members and NEDs, our active involvement in cybersecurity is vital. By engaging deeply with the CISO and tech team, advocating for proactive measures, and embracing innovative technologies, we can enhance our organisation’s defenses. The goal is to transform from a reactive to a pre-emptive cybersecurity posture, ensuring swift identification and mitigation of threats, and securing the organisation’s future against evolving cyber risks.


Related resources

Essential cyber threat insights for boards

Digital transformation: navigating the risks of cybersecurity


Written by Johannes Riedl, an accomplished industry executive and non-executive director, focusing on digital transformation, cyber, and the metaverse. Johannes is the VP Cyber Solutions Europe at Cyemptive technologies. He is a content contributor to NEDonBoard, Institute of Board Members’ Tech for Non-Tech course for board members.

Cyemptive Technologies’ mission is to transform our customers’ cybersecurity posture from reactive, post intrusion defense to a pre-emptive posture that defeats damage from unknown attack vectors and eliminates remediation. Our capability to achieve dwell times in seconds or minutes aligns with the urgency of modern cybersecurity needs. This approach not only enhances protection against emerging threats but also ensures that potential vulnerabilities are swiftly identified and addressed. As cyber attacks grow in sophistication and frequency, maintaining vigilance and agility in response strategies is paramount to safeguarding sensitive data and maintaining operational integrity.  Further, a preventative approach is the only one that will work against the coming Quantum based attack technologies.

loading