In recent years cyberattackers have become more sophisticated, finding ways to bypass even the most secure networks in the world. The truth is most companies are hacked and don’t even know it – until it’s too late. With time to discovery taking 5 months on average, their attackers have ample time to inflict damage on systems and make off with their most critical data. Crowd Research Partners today released the results of its 2017 Threat Hunting Report, revealing critical insights into the new practice of cyber threat hunting as an emerging line of defense to combat advanced cybersecurity threats.
Based on a comprehensive survey of cybersecurity professionals in the 350,000 member Information Security Community on LinkedIn, the Infocyte co-sponsored research report reveals that threats are rising dramatically and that deployment of sophisticated threat hunting platforms can significantly accelerate the time spent to detect, investigate and remediate these threats.
“Following the unprecedented wave of cybersecurity attacks, threat hunting is emerging as a new line of defense and the latest innovation for security operations centers (SOCs) to combat advanced security threats,” said Holger Schulze, founder of the 350,000-member Information Security Community on LinkedIn. “By pairing human intelligence with next-generation threat hunting platforms, SOC teams are empowered to proactively identify and mitigate threats faster and more reliably.”
Key threat hunting trends revealed in the study include:
- Threats are increasing 2x – Over 80% of survey respondents said threats have increased at the rate of 2x or greater in the past year. Based on current market conditions, the number of advanced and emerging threats will continue to outpace the capabilities and staffing equipped to handle those threats.
- Resource limits prevent better threat management – Detection of advanced threats and the inability of organizations to find expert security staff to assist with threat mitigation are the top two challenges security operations centers are facing.
- SOCs not well equipped – Confidence in the industry’s ability to uncover advanced threats is low. For example, data breaches still have an average dwell time of 5 months. Only about 6% of respondents stated their SOC is cutting-edge in relation to handling emerging threats.
- Threat hunting delivers strong benefits – The main benefits of threat hunting platforms include improving detection of advanced threats, creating new ways of finding threats, and reducing investigation time. The average time spent to detect a threat improved by 61%, and the average time to investigate a threat improved by 42% with a threat hunting platform.