Report: Businesses improved cyber incident response times between 2021 and 2022

Average security response times to cyberattacks improved from 29 days to 19 days between 2021 and 2022, according to a study.  

The improvements in response time were largely driven by the Log4j crisis and other high-profile vulnerabilities discovered during the period. The research is based on organizations completing cyber simulations, spanning more than 1.1 million exercises and labs between April 2022 and April 2023. 

But security teams are largely unprepared to deal with the post-incident recovery, with most of their focus dealing with the earliest stages of an attack, Immersive Labs said. 

The study examined the level of cyber resilience that companies have adopted in recent years due to the heightened risk environment.  

“What we found is that the number of days between a new threat exercise release and its completion by organizations is decreasing — meaning organizations are responding to threats more rapidly over time,” Emma Stowell, senior director of data, said in a news release.  

The improvements were likely related to internal incident response changes enacted in response to Log4j, which drove increased awareness of the importance of preparing for new threats.  

The Apache Log4j vulnerability, originally discovered in December 2021, was considered one of the largest threats to digital security in years. The vulnerability put millions of devices around the world at risk of attack, as unauthenticated hackers could take control by using a simple line of code.