Over a third of companies employ Managed Security Services

Alert Logic has published data from Crowd Research Partners’ 2018 Threat Hunting Report that shows 84 percent of companies agree that threat hunting should be a top security initiative, yet 76 percent believe their Security Operations Centres (SOCs) spend inadequate time proactively searching for newly emerging and advanced cyber threats. This discrepancy has one-third of companies employing managed security services to hunt cyber threats, according to the survey data.

  • 5 years ago Posted in

The industry report co-sponsored by Alert Logic and other cybersecurity providers, benchmarks the maturity and evolution of threat hunting initiatives in Security Operations Centres (SOC’s) and identifies impediments to implementing threat hunting capabilities. The report summarises results of a survey of more than 460 cybersecurity and IT professionals and underscores the need for businesses to pivot from purely reactive security to actively hunting threats and adversaries in order to detect security incidents earlier, respond faster, and stop future exploits.

The report found that lack of budget was the top barrier for organisations who have not yet incorporated threat hunting capabilities into their SOC’s, as reported by 45 percent of the companies, a 10 percent increase over the previous year. Lack of skilled, in-house threat hunting staff and lack of collaboration across departments were two other top cited barriers.

“Threat hunting reduces risk to an organisation by reducing exposure to external threats, improving the speed and accuracy of threat response and reducing the overall number of breaches,” said Bob Lyons, CEO, Alert Logic. “Threat hunting requires a sophisticated skill set and it’s often hard to find and retain in-house specialists to fulfil this function, especially when there isn’t always an obvious career path for them within organisations,” said Lyons.

Threat hunting is the process of proactively searching through networks, applications and operating systems to detect and isolate advanced persistent threats that aren’t easily detected by more traditional, reactive security technologies such as firewalls, intrusion detection systems and SIEMs. 

In general, SOC’s are overwhelmed as result of new and evolving cyber threats that are increasing in both sophistication and frequency.  According to the report, a majority of organisations employ fewer than five security professionals in their SOC who are dedicated to threat hunting.  Despite this, the report’s data shows that there is strong momentum for threat hunting with more than half of companies planning to build threat hunting programs in the next three years.

Alert Logic conducts threat hunting for its customers, achieving high levels of speed and detection accuracy – even for multi-stage persistent attacks, according to Lyons.  “Our data scientists, threat researchers and SOC analysts compare potential threat scenarios against an immense data set of event telemetry from our more than 4,000 customers. Alert Logic obtains intelligence on attackers’ motives and means while detecting threats, simultaneously training our proprietary machine learning capabilities.”

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...