With cyberattacks becoming increasingly more sophisticated, companies must continue improving their security measures if they want to keep up. While organizations may want to threat hunt, a slew of barriers stand in the way, according to Fidelis Cybersecurity’s 2018 State of Threat Detection Report.
The report interviewed more than 580 cybersecurity leaders, security architects, and security analysts from around the world to gain insight into how organizations’ security strategies are evolving. Additionally, the report investigated the effectiveness of companies’ threat detection and response capabilities, said the press release.
SEE: Cybersecurity in 2018: A roundup of predictions (Tech Pro Research)
Unfortunately, 63% of respondents said they either don’t conduct threat hunting or aren’t aware if they do, said the release. Only 21% of respondents felt their threat detection strategies were highly effective, with organizations in healthcare and the federal public sector having the least amount of confidence, according to the release.
Nearly all respondents (88%), however, labeled threat hunting as a necessity. While security measures are important across the board, companies are limited by a lack of time, skills, and visibility, said the report. Half of respondents cited not having enough time to threat hunt, and a third cited a skills gap as the reasons for not threat hunting, the release added.
“In discussions with our enterprise customers from around the globe, a recurring theme is the desire to hunt for threats,” said Nick Lantuh, CEO of Fidelis, in the release. “The common challenges they face are the lack of resources and expertise necessary to do it right, which our study has also confirmed. Organizations need the depth of insights into their data, the proper analytical tools, automated detection & response and the expertise to shift their defense strategy from being rocked back on their heels to up on their toes.”
SEE: Phishing and spearphishing: A cheat sheet for business professionals (TechRepublic)
More than half (53%) of organizations that are not threat hunting said they have no plans set to do so in the future, said the release. Without searching for and detecting threats, companies eliminate the opportunity to stop an attack before it has even started, forcing them to rely on post-breach defenses and recovery. By hunting for threats in the first place, recovery may not even need to be used.
The big takeaways for tech leaders:
- 88% of cybersecurity professionals believe threat hunting is necessary, but only 21% are confident in their threat detection strategies. — Fidelis, 2018
- The main barriers preventing organizations from threat hunting are a lack of time, skills, and resources. — Fidelis, 2018