{"id":5322,"date":"2021-05-03T14:45:01","date_gmt":"2021-05-03T18:45:01","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=5322"},"modified":"2021-05-03T14:45:01","modified_gmt":"2021-05-03T18:45:01","slug":"creating-a-hostile-it-environment-how-to-reduce-dwell-time","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/","title":{"rendered":"Creating a Hostile IT Environment: How to Reduce Dwell Time"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-4622\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\" alt=\"Creating a Hostile IT Environment: How to Reduce Dwell Time\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD--360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">How can your enterprise reduce dwell time? By creating a hostile IT environment through continuous monitoring, detection, and response capabilities.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Dwell time is one of the least understood challenges for enterprise cybersecurity, and simultaneously one of the most damaging factors in a cyber-attack. Dwell time refers to the amount of time a hacker or other malicious actor spends in a victim network before detection and response. To put that in analog terms, it refers to the time the crook has before the cops show up to ruin their heist.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Unlike their analog counterparts, hackers on average enjoy far more time to perform their crimes. While in an ideal situation dwell time only lasts a few minutes, it can also last hundreds of days at a time. Research from <\/span><a href=\"https:\/\/attivonetworks.com\/attivo-survey\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Attivo Networks<\/span><\/a><span style=\"font-weight: 400\"> and <\/span><a href=\"https:\/\/www.armor.com\/resources\/blog\/dwell-time-cyber-security-metric\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Armor<\/span><\/a><span style=\"font-weight: 400\"> indicates that finding an average dwell time can prove challenging, but 100 days appears to be the peak of the bell curve. Some breaches can go on for longer, possibly over years.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Every day a hacker spends in dwell time on your business\u2019 IT environment, the more damage it does to your bottom line, your reputation, and your network. So your focusing should be on <a href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\">how to reduce dwell time<\/a>.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The solution to this problem stems from continuous monitoring, detection, and response. Let\u2019s take a look at how the three biggest <a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\">cybersecurity<\/a> categories handle this critical goal.\u00a0<\/span><\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2021\/02\/Identity_Suggestion_Engine_Horiz_800.gif\" alt=\"IAM Solution Suggestion Engine\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<h2 style=\"text-align: justify\"><b>Creating a Hostile IT Environment to Reduce Dwell Time<\/b><\/h2>\n<h3 style=\"text-align: justify\"><b>Endpoint Security: EDR<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">To provide continuous monitoring and reduce dwell time, endpoint security provides endpoint detection and response (<\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/free-endpoint-detection-response-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">EDR<\/span><\/a><span style=\"font-weight: 400\">). EDR focuses totally on the endpoint, monitoring every connected device as it operates in the environment. If a threat penetrates the digital perimeter and infects a connected endpoint, the solution sends an alert to your IT security team, thus improving investigation and response times.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">EDR works to reduce dwell time on devices, which can become host to long-term malware like cryptocurrency miners and bot programs. It creates a hostile IT environment even at the gateways to the network.\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SIEM: UEBA<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">User and entity behavior analysis (UEBA) from <a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/siem-buyers-guide-security-information-and-event-management\/\" target=\"_blank\" rel=\"noopener\">SIEM<\/a> keeps an eye on both the human and non-human users in your environment, ensuring they follow established baseline behavioral patterns. Therefore, it can detect and alert your IT security team to any of the following: abnormal logon\/logoff times, files accessed by unauthorized employees, and unusual email usage. Any of these could indicate a compromised account, an insider threat, or a hacker exploiting a recognized application or program.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">UEBA creates a hostile IT environment for hackers by pulling aside any disguises hackers might try to wear in your network. It can reduce dwell time by giving hackers essentially no place to hide.\u00a0<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Identity Management: Continuous Authentication<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\">Identity Management<\/a>\u2019s detection and response capabilities stem from the idea that authentication doesn\u2019t end at the login portal. Instead, through tools like behavioral biometrics, you can observe that users act and even type befitting their individual profiles, preventing hackers from impersonating them. While multifactor authentication portals can deter and deflect most attackers, you always need to be ready for the hackers that do slip through your defenses.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"hr hr\"><\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Ideally, your enterprise should employ all three of these capabilities to create the most hostile IT environment to hackers possible, and thus reduce dwell time considerably. If you\u2019re not sure where to start, why not check out the <a href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-identity-and-access-management-software-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\">Identity Management Buyer\u2019s Guide<\/a> or the <a href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\">Solutions Suggestion Engine<\/a>?\u00a0<\/span><\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2021\/02\/Identity_Suggestion_Engine_Horiz_800.gif\" alt=\"IAM Solution Suggestion Engine\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>How can your enterprise reduce dwell time? By creating a hostile IT environment through continuous monitoring, detection, and response capabilities.\u00a0 Dwell time is one of the least understood challenges for enterprise cybersecurity, and simultaneously one of the most damaging factors in a cyber-attack. Dwell time refers to the amount of time a hacker or other [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":4622,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[5,1],"tags":[142,125,1460,16,1676,1424,1204,76,425,1242,1252,70,145,477,470],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Creating a Hostile IT Environment: How to Reduce Dwell Time<\/title>\n<meta name=\"description\" content=\"How can your enterprise reduce dwell time? By creating a hostile IT environment through continuous monitoring, detection, and response capabilities.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/\",\"name\":\"Creating a Hostile IT Environment: How to Reduce Dwell Time\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\",\"datePublished\":\"2021-05-03T18:45:01+00:00\",\"dateModified\":\"2021-05-03T18:45:01+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"How can your enterprise reduce dwell time? By creating a hostile IT environment through continuous monitoring, detection, and response capabilities.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg\",\"width\":800,\"height\":400,\"caption\":\"Why Identity Governance Takes on New Importance in Remote Workplaces\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Creating a Hostile IT Environment: How to Reduce Dwell Time\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Creating a Hostile IT Environment: How to Reduce Dwell Time","description":"How can your enterprise reduce dwell time? By creating a hostile IT environment through continuous monitoring, detection, and response capabilities.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/","url":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/","name":"Creating a Hostile IT Environment: How to Reduce Dwell Time","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg","datePublished":"2021-05-03T18:45:01+00:00","dateModified":"2021-05-03T18:45:01+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"How can your enterprise reduce dwell time? By creating a hostile IT environment through continuous monitoring, detection, and response capabilities.\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2019\/11\/Cybersecurity-Better-MOD-.jpg","width":800,"height":400,"caption":"Why Identity Governance Takes on New Importance in Remote Workplaces"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/creating-a-hostile-it-environment-how-to-reduce-dwell-time\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Creating a Hostile IT Environment: How to Reduce Dwell Time"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5322"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=5322"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/5322\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/4622"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=5322"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=5322"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=5322"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}