Inside the Mind of a Threat Hunter: Team Cymru's Latest Report Sheds Light on Challenges Faced by Cybersecurity Analysts
Cybersecurity threats to organizations are only increasing, not only in number but in scope. Proactive threat hunting helps organizations save money by preventing security breaches and reducing the impact of attacks. For example, a study by IBM found that the average total cost of a breach is $4.35 million.
To better understand the perspective of threat hunters who are in the trenches defending their organizations every day, Team Cymru surveyed 218 experienced security analysts to learn what works and what doesn't in their threat hunting program, how they measure success, and the biggest challenges they face.
Commenting on the findings, David Monnier, Chief Evangelist and Fellow at Team Cymru, said: "With today's rising cyber attacks, keeping a proactive stance against threats is key — but teams will only be as successful in protecting their data and assets if they have robust tools to help, the data and visibility into their environments, and experienced analysts to track and stop malicious activity. Yet what the threat hunting analysts reported and what we're seeing in our day-to-day is that security teams are looking for better tools, more data, and more training in order to effectively succeed at threat hunting."
- 59% say their threat hunting program is not very, or is only somewhat, effective.
- For those who do believe their threat hunting program is effective, 46% say the number one reason why is because of the trained analysts behind it.
- 38% report their biggest challenge is the lack of proper tools with which to perform successful and thorough threat hunting.
- 47% disclose that their top objective is having the ability to identify threats before an attacker causes damage.
- 28% see enterprise host forensic capability as the most valuable threat hunting product.
- Inability to measure success of threat hunting programs and finding more incidents than they have capacity to respond to are what most keep threat hunters up at night.
To download a full copy of the report, please click here.
About Team Cymru
Since 2005, Team Cymru's mission has been to Save and Improve Human Lives by working with security teams around the world, enabling them to track and disrupt the most advanced bad actors and malevolent infrastructures. The company delivers comprehensive visibility into global cyber threats and is the key source of threat intelligence for many cyber security and threat intelligence vendors. Enterprise security teams rely on the Pure Signal™ platform to close detection gaps, accelerate incident response, and detect threats and vulnerabilities across entire enterprises and third-party ecosystems. Its Community Services division provides no-cost threat detection, alerting, DDoS mitigation, and threat intelligence to more than 140 CSIRT teams across 86+ countries. For more information, visit https://team-cymru.com/.
Source: Team Cymru