As today’s cybersecurity threats grow more advanced, the role of the Chief Information Security Officer (CISO) is becoming increasingly important. CISOs today must understand that a breach in cybersecurity is not a matter of if, but when. Effective incident response is critical — and knowing the right questions to ask when a breach occurs will put CISOs in the best position to help minimize the impact on the organization.

Read on for the top two questions CISOs should be asking when it comes to cybersecurity.

Cybersecurity Breaches — The Top Two Questions CISOs Should Ask

Any data is data that can be stolen — no matter how much CISOs might believe certain data isn’t worth stealing, or that breaches aren’t happening in their organization, it’s crucial to cast aside such assumptions.

The fact of the matter is, if you have a profitable business, your data is at risk, and you will experience a breach.

Prevention is ideal, yes, but detection is a must — timely detection. Once a breach is detected, what matters most next is how much you control the damage.

The top two questions, then, for CISOs to ask when it comes to cybersecurity breaches are:

  1. How long are they in your network?
  2. How much damage are they doing?

These are the two key questions, the two metrics that will help CISOs most in their response to cyber incidents — it all comes down to dwell time and lateral movement.

Dwell time refers to the amount of time that an attacker remains undetected within a network or system after gaining initial access. The longer the dwell time, the more opportunity the attacker has to move laterally within the network.

Lateral movement is a key part of an attacker’s post-compromise strategy and can be used to move deeper into an organization’s network, access more sensitive data, evade detection, and establish a foothold for future attacks.

Reducing dwell time is an important aspect of cybersecurity defense, as it limits the damage that can be done and helps to minimize the risk of a successful data breach. If caught early, the costs of a data breach are significantly lower. In 2022, the cost of the average breach globally was $4.35 million.. That number is a staggering $9.44 million in the U.S. Shortening the amount of time taken to identify and contain a breach from the average of 277 days to under 200 days can result in an average savings of $1.12 million.

CISOs should implement cybersecurity strategies with the goal of decreasing the amount of time attackers are in their network every month, every year. The amount of damage being done should likewise be decreasing. Time in the network, and damage done — both of these should continue to trend downward as organizations develop better detection capabilities and improve their overall incident response plan.

CISOs have a critical, challenging job amidst today’s cybersecurity threats. A strong incident response strategy is essential, and timely detection and controlling the damage are at the foundation. Being able to ask and answer the right questions in the face of a data breach will ensure CISOs are ready to help their organizations investigate and resolve attacks with as little damage as possible.

A Better Data Security Strategy Needs Better Tools

A proactive approach to data breaches will go a long way toward mitigating potential damage — and that includes ensuring your organization is armed with the best data security tools available.

As technology evolves, and current encryption becomes more vulnerable, Theon Technology is delivering a next-generation solution to the issues. Theon delivers enterprise-ready, quantum-resistant encryption tools through our TheonSDK™ Software Development ToolKit.

Our patented methodologies help protect against increasingly sophisticated attacks and impending quantum compute threats with a focus on data sovereignty, data security, and data compression, providing a software approach supporting multiple deployment models, and a product that delivers true One Time Pad (OTP) encryption at enterprise scale.

Theon’s advanced one-time pad-inspired encryption and true random number generation are providing a revolutionary pathway to more secure communication. Taking action with a trusted security partner like Theon can help your organization become a much more difficult target for cyberattacks today and tomorrow


Prepare your organization against sophisticated cyber threats with game-changing data security — Contact a Theon expert to get started. We also have free eBooks available for download, including our latest, The Secure Enterprise Communication Handbook, which offers an overview of everything decision makers need to know to prepare a secure communication strategy.