An organization is keen on improving its security posture by analyzing past incidents. Which KPI is the most appropriate for understanding the organization's progress in reducing the impact of security breaches over time?
Change window duration
Incident count
Mean time to remediate (MTTR)
Mean time to detect (MTTD)