Is Cybersecurity Improving?

A Professor's Perspective on Current Events

Image of Professor Paul Rosenzweig, M.S.
By Professor Paul Rosenzweig, M.S.

Is cybersecurity improving overall? By at least some measures the answer is a surprising “yes.” In an annual report from FireEye there are at least two reasons to think that trend lines are actually improving.

This article originally premiered on FireEye.

First, as noted by , the identity of who discovers an intrusion is changing drastically. As recently as 2011, 94 percent of intrusions were discovered and reported by outsiders—law enforcement, customers, or other observers. Today, victim companies discover 64 percent of their own breaches—a significant improvement in self-awareness.

This article is part of our Professor’s Perspective series—a place for experts to share their views and opinions on current events.

Second, that improvement has consequences. An intruders “dwell time” inside a victim’s system is less than a quarter of what it was in 2011. It’s still too high—median dwell time is 75 days in the U.S., 175 in Europe and more than 490 in Asia—but the fact that it is down is a significant improvement.

This statistical reality is consistent with anecdotal evidence from within the security industry. Increasingly, companies are able to more rapidly identify threats and respond to attacks far more nimbly than they have in the past. Surprising good news in a field that too often is seen as grim …

For more with Professor Rosenzweig, check out Thinking about Cybersecurity: From Cyber Crime to Cyber Warfare Wondrium!