TaoSecurity Blog

  Oh snap. My single most important cybersecurity metric deteriorated again.  In the M-Trends report for calendar year 2024, Mandiant’s global median dwell time metric worsened from 10 to 11 days. In the newest report, released today, for calendar year 2025, that metric worsened again, from 11 to 14 days.  In other words, organizations are taking even longer to detect and respond to intrusions. 10 days was already still too much, in a world where teams need to detect and contain in an hour to be effective.  I’m not a doomer. We made amazing progress since 2011, when median global dwellers time was over 400 days. But, two bad years in a row has never happened. Before last year, the metric had always improved! It’s possible Mandiant is just dealing with ever tougher cases. I have to dig into the full report. 

  Happy birthday TaoSecurity Blog, born on this day in 2003! The best way to digest the key lessons from this site is to browse my four volume Best of TaoSecurity Blog book series , published in 2020. It's available in print as seen here, or as a properly formatted HTML-based digital book -- none of that PDF-based fixed format nonsense. Each book is a theme-centric collection of posts with new commentary for each entry. Some of what I wrote stood the test of time, and some did not. See what you think. Or, just scroll backwards through this site. Thank you to Blogspot and Google for hosting this blog for the last 23 years! This is post number 3,094 by the way.