During the SolarWinds Orion supply chain compromise, threat actors lurked in the victims network for more than a year. These APTs are stealthy and strive to remain hidden for a long time. To counter these, we need to be aware of mean time to detect (MTTD) When detecting this kind of attack, these metrics can serve as a barometer for the strength of your defenses. Shortening the MTTD and MTTR and stopping an attack not only limits the impact of a breach, but also prevents legal harm.”]
Source: https://securityintelligence.com/articles/sleeper-threats-mean-time-to-detect/