Dwell Time represents the length of time a cyber attacker has free reign in an environment from the time they get in until they are eradicated. Dwell Time is determined by adding Mean Time to Detect (MTTD) and Mean Time to Repair/Remediate (MTTR) and is usually measured in days. It is sometimes referred to as the breach detection gap. Lengthy Dwell Times gives attackers more opportunity to access private data, siphon funds, and observe and record user and network behavior as well as to plant secondary malware or APTs. It is a top concern for all organizations since the issue impacts brand reputation and legal repercussions.
