An organization is keen on improving its security posture by analyzing past incidents. Which KPI is the most appropriate for understanding the organization's progress in reducing the impact of security breaches over time?
Mean time to remediate (MTTR) is the correct answer because it measures the average time taken to fully resolve a security incident after detection. Tracking MTTR over time shows how quickly the organization can contain and eliminate threats; a downward trend indicates reduced breach impact. Mean time to detect (MTTD) measures detection speed only, change window duration relates to scheduled maintenance, and incident count tracks volume rather than remediation efficiency.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Mean Time to Remediate (MTTR)?
Open an interactive chat with Bash
How does MTTR help improve an organization's security posture?
Open an interactive chat with Bash
What are other important KPIs related to security incidents?