In recent years cyberattackers have become more sophisticated, finding ways to bypass even the most secure networks in the world. The truth is most companies are hacked and don’t even know it – until it’s too late. With time to discovery taking 5 months on average, their attackers have ample time to inflict damage on systems and make off with their most critical data. Crowd Research Partners today released the results of its 2017 Threat Hunting Report, revealing critical insights into the new practice of cyber threat hunting as an emerging line of defense to combat advanced cybersecurity threats.
Based on a comprehensive survey of cybersecurity professionals in the 350,000-member Information Security Community on LinkedIn, the Infocyte co-sponsored research report reveals that threats are rising dramatically and that deployment of sophisticated threat hunting platforms can significantly reduce the time spent to detect, investigate and remediate these threats.
“Following the unprecedented wave of cybersecurity attacks, threat hunting is emerging as a new line of defense and the latest innovation for security operations centers (SOCs) to combat advanced security threats,” said Holger Schulze, founder of the 350,000-member Information Security Community on LinkedIn. “By pairing human intelligence with next-generation threat hunting platforms, SOC teams are empowered to proactively identify and mitigate threats faster and more reliably.”
Key threat hunting trends revealed in the study include:
- Threats are increasing 2x – Over 80% of survey respondents said threats have increased at the rate of 2x or greater in the past year. Based on current market conditions, the number of advanced and emerging threats will continue to outpace the capabilities and staffing equipped to handle those threats.
- Resource limits prevent better threat management – Detection of advanced threats and the inability of organizations to find expert security staff to assist with threat mitigation are the top two challenges security operations centers are facing.
- SOCs not well equipped – Confidence in the industry’s ability to uncover advanced threats is low. For example, data breaches still have an average dwell time of 5 months. Only about 6% of respondents stated their SOC is cutting-edge in relation to handling emerging threats.
- Threat hunting delivers strong benefits – The main benefits of threat hunting platforms include improving detection of advanced threats, creating new ways of finding threats and reducing investigation time. The average time spent to detect a threat improved by 61%, and the average time to investigate a threat improved by 42% with a threat hunting platform.