Average time in calendar days to respond to and recover from cybersecurity incidents
This measure calculates average time in calendar days to respond to and recover from cybersecurity incidents. This begins when an incident has been detected and its scope has been established. It includes activities to remove the threat and restore the affected systems to their pre-incident condition; testing, monitoring, and validating affected systems, and restoring operations. Cybersecurity is defined as the ability to protect or defend the use of cyberspace from cyber-attacks. It is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this, including defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. This Cycle Time measure is intended to help companies analyze this duration related to the process group "Manage IT resilience and risk".
Benchmark Data
25th | Median | 75th |
---|---|---|
- | - | - |

Compute this Measure
Units for this measure are days.
Average time in calendar days to respond to and recover from cybersecurity incidents
Key Terms
Cybersecurity is the ability to protect or defend the use of cyberspace from cyber-attacks. It is the state of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this, including defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.