CIO Influence
CIO Influence News Cloud Security

Sysdig Debuts New Benchmark for Cloud Detection and Response

Sysdig Debuts New Benchmark for Cloud Detection and Response

 Sysdig, the leader in cloud security powered by runtime insights released at SANS CyberFest 2023 the 5/5/5 Benchmark for Cloud Detection and Response, a new framework that outlines how quickly organizations should detect, triage, and respond to attacks in the cloud. Operating securely in the cloud requires a mindset shift in regard to time, and with that, cloud security programs need to hold themselves to a modernized benchmark: five seconds to detect, five minutes to correlate insights and understand what’s happening, and five additional minutes to respond. Recent findings by the Sysdig Threat Research Team published in the 2023 Global Cloud Threat Report note that, after discovering an exploitable target, malicious actors require less than 10 minutes to execute an attack.

CIO INFLUENCE News: Digi International Announces FIPS 140-2 Validation for Cryptographic Security

@Sysdig debuts new 5/5/5 Benchmark, which challenges organizations to detect, triage, and respond to attacks at cloud speed. Learn more: #CloudSecurity

Download the 5/5/5 Benchmark for Cloud Detection and Response.

Cloud attacks are swift and sophisticated, requiring robust threat detection and response programs that move at the speed of the cloud. On-premises attacks take 16 days on average and antiquated frameworks challenge security teams to respond to a breach within 60 minutes, which is simply insufficient for the cloud. Bad actors are exploiting the automation and scale of the cloud, along with new techniques, to accelerate all stages of an attack and inflict damage within minutes. The 5/5/5 Benchmark guides organizations to detect and respond to cloud attacks faster than adversaries can complete them.

The Challenge

  • Detect threats within five seconds. Organizations should be able to gather detection signals from their cloud security tools in real time to ensure visibility into ephemeral assets.
  • Correlate and triage within five minutes. Teams should be able to gather full context for all correlated signals within five minutes of receiving the first relevant alert.
  • Initiate a response within five minutes. Organizations should be able to initiate a tactical response within five minutes of confirming that an attack is in progress.

What people are saying

“People are always looking for security metrics, especially when the industry evolves into new operating models. We have plenty of ‘best practices,’ but no real way to quantify cloud security agility — until now,” said Anna Belak, Director, Office of Cybersecurity Strategy at Sysdig. “The 5/5/5 Benchmark, built in partnership with our customers, industry analysts, and the Sysdig Threat Research Team, sets a new standard for operating securely in the cloud.”

CIO INFLUENCE News: ECI Software Solutions Cloud Offerings Build Continued Trust and Business Value

“As organizations move to the cloud, traditional on-premises security standards become outdated and too slow. In the cloud, both innovation and attacks happen quickly – companies need security tools, processes, and standards designed to operate at the speed of cloud-native environments,” said Phil Bues, Research Manager for IDC Cloud Security.

“I don’t want to know 15 minutes after someone breached my system. I need to know instantly so that we can shut it down before the blast radius expands,” said Kuldeep Tomar, Head of Information Security at India’s leading digital skill games company and 5/5/5 Benchmark Advisor. “To move at the necessary speed, you need to not only be alerted to the right things, but also respond appropriately. Having a benchmark gives us a goal to hold ourselves to.”

[To share your insights with us, please write to]

Related posts

OX Security Research: When an Organization is at Risk for Dependency Confusion Attacks, 73% of its Assets are Vulnerable

PR Newswire

Moonwalk Universal Announces Support For IBM Spectrum Discover

WANdisco Joins The Scalable Open Architecture for Embedded Edge (SOAFEE) to Drive Automotive Innovation Via Open Industry Standards

CIO Influence News Desk