As many SOCs struggle to cope with the rising security threat workload, more organizations continue to adopt threat hunting as an integral part of their security operations. They are discovering that proactive threat hunting can reduce the risk and impact of threats that might otherwise go undetected by traditional security technologies, all while improving defenses against new attacks.
Cybersecurity Insiders conducted the fifth annual threat hunting research project to gain deeper insights into the state and evolution of this security practice.
Key findings include:
• The top challenge facing SOC teams is detecting advanced threats, yet only 10% of practitioners feel “very confident” in their organization’s ability to uncover them.
• Thirty-five percent of SOC teams report the frequency of threats is increasing at a rate of 2x, and an estimated 38% of threats are missed.
• A third of security practitioners (34%) are unsure about the financial impact a breach would have on their organization.
• Nearly half of respondents (46%) don’t have a way to determine where to focus their threat hunting efforts, and nearly a quarter (24%) don’t have a way of determining which assets are the most critical.
• The top 3 most important threat hunting tool capabilities are threat intelligence (62%), automatic detection (57%), and integration and normalization of multiple data sources (47%).
We would like to thank Intrusion for supporting this important research. We hope you find this report informative and helpful as you continue your efforts to protect your organizations against evolving cyber threats.