When a cyberattack happens, time is of the essence. Not just because of the urgency to restore operations back to normal, but because the longer a cyberattacker is in your network, the more costly it is to address.

Rod Turk, Commerce Department acting chief information officer and former department chief information security officer believes that dwell time–the amount of time it takes an organization to identify a data breach from the point that the hacker gained access–is a crucial metric, according to Nextgov.

He’s not alone. The IBM-Ponemon Cost of a Data Breach study is arguably one of the most anticipated benchmarks published each year. One of the main messages it preaches is that the faster a cybersecurity incident is identified and contained, the lower the costs.

According to the 2017 IBM-Ponemon study, the average cost for a data breach went from $4 million down to $3.62 million. At the same time, the report noted a decline in the time it took organizations to identify and contain breaches. “Organizations were able to reduce the days to identify the data breach from an average of approximately 201 in 2016 to 191 days and the average days to contain the data breach from 70 to 66 days,” says the report.

The more complex the security infrastructure, the more challenging it is for a speedy resolution, according to the study. “Security complexity and the deployment of disruptive technologies can affect the time to detect and contain a data breach.”

Turk believes dwell time, as a metric, is indicative of an organization’s overall cybersecurity posture. “If you’re doing your work and you’re preventing things from getting into your organization, then guess what, your dwell time is near zero or at zero,” Turk said during a panel on cybersecurity at the 2018 CFO/CIO Summit, according to Nextgov.

Get the full story at Nextgov.