Mean Time to Detect (MTTD)
The average time between when a security incident occurs and when it is discovered by the security team.
Current Value
12.5 hours
+2% from previous period
Industry average: 15.8 hours
Calculation Method
Sum of times between incident occurrence and detection / Total number of incidents
Significance
MTTD measures how quickly your team can detect security incidents. A lower MTTD indicates more effective detection capabilities and monitoring systems.
Definition
The average time between when a security incident occurs and when it is discovered by the security team.
Significance
MTTD measures how quickly your team can detect security incidents after they occur. A lower MTTD indicates more efficient incident detection processes and better monitoring capabilities.
Reducing MTTD is crucial for minimizing business disruption and financial losses during security incidents. The longer a threat actor remains undetected in your environment, the more damage they can potentially cause.
Calculation Method
Sum of times between incident occurrence and detection / Total number of incidents
Note: Determining the exact time of occurrence may require forensic analysis, logs, or best estimates based on available evidence.
Benchmark
Industry average: 15.8 hours