Why threat hunting as-a-service is worth considering, but 'not a silver bullet'

Accenture and Endgame Inc. seek to detect and remove cyber threats from organizations' systems, but their solution may be only part of a strong security plan.

Accenture and Endgame Inc. announced Monday a new threat hunting as-a-service program created to identify and remove known and never-before-seen adversaries lurking in an organization's system.

Accenture offers senior cybersecurity hunters who set out to find latent attackers targeting a company's intellectual property, business systems, or other assets. Unlike with traditional security approaches, clients do not experience any interruption in day-to-day operations, according to a release.

"Today, cyber attackers can circumvent even the most fortified of traditional enterprise defense systems," said Vikram Desai, managing director of Accenture Analytics. "Rather than building a taller defensive wall, we're giving our clients the ability to strike first—to stop adversaries before they attack."

The managed threat hunting as-a-service solution includes continuous endpoint monitoring to find attacks that may have slipped past other security tools. Additionally, it provides client organizations with actionable steps to take and a list of potential vulnerabilities in their system.

"The ability of cybercriminals to sneak past even the most fortified defense systems has intensified the pressure on organizations to develop better threat detection capabilities," said Zeus Kerravala, founder and principal analyst with ZK Research. "Rather than waiting for a cyberattack to happen, enterprises need to arm their people with skills and technologies to help them generate actionable intelligence and hunt effectively."

A layered approach

Accenture and Endgame are not the first to market: many other companies, including SecureWorks, Sqrrl, and Morphik, also offer threat hunting services.

"Hunting is becoming almost a cliche—this is only new because of the wording," said security expert and TechRepublic columnist Michael P. Kassner.

With more than 430 million new unique pieces of malware found in 2015—up 36% from the year before—companies are increasingly looking to proactively address security threats, Kassner said. Many organizations are adding strategic initiatives to mitigate security risks, according to PricewaterhouseCoopers: 91% of companies surveyed had a risk-based security framework, and 49% conduct threat assessments.

"Each organization's infosec team needs to prioritize their needs based on the particular industry, and the threat landscape in that industry," said James Scott, senior fellow and co-founder of the Institute for Critical Infrastructure Technology. "From there, focus on piecing together a harmonious symphony of algorithmic science which not only detects and responds, but also predicts."

A service like Accenture's could be helpful for a company that determines its infosec team is lacking in threat detection, Scott said. "It could be a viable layer for a customized infosec strategy. But it's not a silver bullet."

The 3 big takeaways for TechRepublic readers

  1. Accenture and Endgame Inc. announced Monday a threat hunting as-a-service program created to identify and remove latent threats in an organization's system.
  2. Threat hunting is becoming a more common service for companies looking to avoid increasingly numerous and sophisticated cyber attacks.
  3. Services like this may be one part of a layered security approach, but are not a silver bullet, experts said.

About Alison DeNisco Rayome

Alison DeNisco Rayome is a Staff Writer for TechRepublic. She covers CXO, cybersecurity, and the convergence of tech and the workplace.
