The correct answer is A. MTTD — Mean Time to Detect — measures the average time between the beginning of a security incident and its detection. A shorter MTTD means the organization detects incidents faster, which can reduce attacker dwell time, limit damage, and reduce the incident’s overall impact.

Exact supporting extract: the Secbay CySA+ guide defines MTTD as the average duration between the occurrence of a security incident and its detection. It states that MTTD reflects the effectiveness of monitoring and detection capabilities and that reducing MTTD improves cybersecurity resilience.

The official CySA+ objectives include mean time to detect, mean time to respond, mean time to remediate, and alert volume under incident response metrics and KPIs.

Why the other options are incorrect:

B is incorrect because MTTD does not guarantee leadership is notified before exploitation.

C is incorrect because the time between detection and response is closer to MTTR, not MTTD.

D is incorrect because MTTD is a reporting metric, not a regulatory compliance process.

A is correct because faster detection normally reduces potential incident impact.