Threat hunting programs can save organizations from costly security breaches

Cybersecurity threats to organizations are increasing, not only in number but also in scope, according to Team Cymru.


The true cost of cyber breaches

Proactive threat hunting helps organizations save money by preventing security breaches and reducing the impact of attacks. For example, a study by IBM found that the average total cost of a breach is $4.35 million.

To better understand the perspective of threat hunters who are in the trenches defending their organizations every day, Team Cymru surveyed 218 experienced security analysts to learn what works and what doesn’t in their threat hunting program, how they measure success, and the biggest challenges they face.

“With today’s rising cyber attacks, keeping a proactive stance against threats is key — but teams will only be as successful in protecting their data and assets if they have robust tools to help, the data and visibility into their environments, and experienced analysts to track and stop malicious activity. Yet what the threat hunting analysts reported and what we’re seeing in our day-to-day is that security teams are looking for better tools, more data, and more training in order to effectively succeed at threat hunting,” said David Monnier, Chief Evangelist and Fellow at Team Cymru.

Ineffective threat hunting programs leave organizations vulnerable

59% say their threat hunting program is not very, or is only somewhat, effective. For those who do believe their threat hunting program is effective, 46% say the number one reason is the trained analysts behind it.

38% report their biggest challenge is the lack of proper tools with which to perform successful and thorough threat hunting. 47% disclose that their top objective is having the ability to identify threats before an attacker causes damage.

28% see enterprise host forensic capability as the most valuable threat hunting product. The inability to measure the success of threat hunting programs and finding more incidents than they have the capacity to respond to are what most keep threat hunters up at night.
