Attacker Dwell Time


By Karen Griffin and LBMC Information Security.

Especially for healthcare IT systems, cyber attacks can lead to the exposure of patient data, service disruptions, time-consuming recovery processes, and high costs in the form of paying a ransom or spending money on new servers, security systems, or consultants. However, that is only when an organization is aware of the breach. Some network breaches can go on for months or even years before an organization learns about them, and the victims can even be organizations that take information security very seriously, with compliance requirements, appropriate budgets, and talented security personnel.

The time elapsed between the initial breach of a network by an attacker and the discovery of that breach by the victim is known as “dwell time” or the “breach detection gap.” In this podcast, LBMC Information Security’s Bill Dean discusses attacker dwell time and some methods that can be implemented to address it.

Listen in, and learn about these key takeaways:

  • Advanced attacks will often circumvent traditional static protections.
  • This allows attackers extensive “dwell time” on your network.
  • Put in place additional network controls. If malware cannot communicate out, it cannot operate.
  • “Hunt” for previously undetected malware on your systems.
