More organizations appear to be heeding the advice to implement capabilities for detecting intrusions sooner, at least based on an analysis of data from breach investigations that security vendor Trustwave conducted for clients last year. Trustwave’s analysis showed that the median number of days from an intrusion to initial detection of the compromise fell sharply from 80.5 days in 2015 to 49 days in 2016. In other words, out of all organizations for which Trustwave conducted a breach investigation last year, half discovered the breach in 49 days or less, while half took longer.