Breakout time: Is your IT team ready for a cyber attack?

IT team meeting discussion at large table with computers

In today’s ever-evolving cyber landscape, it’s crucial that your IT team is prepared for attacks. Speed is essential for effective cyber defense, especially for organizations that manage healthcare and other types of private data. 

The critical window of “breakout time” was highlighted as an important way to gauge your organization’s defenses against a data breach in CrowdStrike’s 2018 Global Threat Report.

Breakout time refers to the time it takes for an intruder to begin moving outside of the initial attack entry point to threaten other systems in a network. 

3 key metrics every organization should know

According to CrowdStrike’s report, organizations only have an average of one hour and 58 minutes to detect and remove an attacker before they compromise additional IT systems across the enterprise. 

Breakout time involves three key metrics that can evaluate your organization’s preparedness for a cyber attack:

  1. Detection time – How long does it take your team to detect an intrusion?
  2. Investigation time – How long does it take your team to understand the scope of an attack and what type of response is needed?
  3. Response time – How long does it take your team to respond to an intrusion, remove the attacker, and contain any damage?

The best-prepared organizations follow the 1-10-60 rule — strive to detect an intrusion in under one minute, fully investigate it in under 10 minutes, and remove the attacker in under an hour.

Following these guidelines, your organization can minimize the impact of a cyber attack and prevent it from becoming a breach.

Why organizations need to increase their defenses 

New security technologies and approaches that go beyond the traditional endpoint defense of the past are required to address modern cyber threats. And when you’re protecting sensitive patient data there’s not much room for error. 

An organization’s reputation can be seriously damaged by a data breach. And Boards and CEOs are often in attackers’ crosshairs because of their influence and access to information. 

Regulatory violations are costly and severe Health Insurance Portability and Accountability Act (HIPAA) penalties are incurred for organizations that fail to provide notification of breaches in a timely manner.  


Breakout time is a useful security standard that can offer a clear analysis of your defense capabilities.

Understanding your cybersecurity team’s response speed can give your organization valuable insights into how to become better prepared to fend off cyber attacks and prevent data breaches.  

Try Paubox Email Suite for FREE today.

About the author

Rick Kuwahara

Rick Kuwahara is COO and Chief Compliancy Officer for Paubox.

Read more by Rick Kuwahara

Get started with
end-to-end protection

Bolster your organization's security with state-of-the-art email encryption and inbound email security.

Highest rated HIPAA compliant messaging solution on G2

EmailEncryption BestMeetsRequirements MeetsRequirements
SecureEmailGateway MostImplementable Total
SecureEmailGateway Leader Leader
SecureEmailGateway EasiestToUse EaseOfUse
SecureEmailGateway EasiestAdmin EaseOfAdmin
SecureEmailGateway BestUsability Total
SecureEmailGateway BestResults Total
SecureEmailGateway BestRelationship Total
EmailEncryption UsersMostLikelyToRecommend Nps
EmailEncryption MomentumLeader Leader