New report from Fidelis Cybersecurity identifies that organizations want to threat hunt, but can’t due to lack of time, skills and visibility
As cybercriminals and nation-states continue to improve the sophistication of attacks that bypass traditional preventive defenses, organizations must evolve their security defenses to reduce dwell time. Fidelis Cybersecurity (Fidelis), a leading automated detection and response provider, asked cybersecurity leaders, security architects and security analysts about the evolution of their cyber defense strategies, including post-breach detection and response, as well as threat hunting.
Fidelis interviewed over 580 security professionals from around the globe to understand how they are shifting their security strategies. In the Fidelis 2018 State of Threat Detection Report, 63% of all respondents said they do not currently employ threat hunting or do not know if they do, with just over half (51%) of organizations with over 5000 employees stating that they threat hunt. The Fidelis Report also addressed broader detection and response capabilities and found some unsettling indicators that suggest that post-breach detection strategies are not robust enough to deal with the tactics, techniques and procedures being used by today’s threat actors.
Overall, just 21% of respondents perceived their detection measures to be highly effective. Healthcare and Federal Public Sector organizations have the lowest confidence levels with just 5% and 6% of respondents respectively stating that they felt their detection capabilities were highly effective. In addition, 45% of respondents stated that they do not have an Endpoint Detection and Response solution currently in place and 38% of all participants stated that they do not have a breach detection strategy in place at all.
“In discussions with our enterprise customers from around the globe, a recurring theme is the desire to hunt for threats,” said Nick Lantuh, CEO of Fidelis. “The common challenges they face are the lack of resources and expertise necessary to do it right, which our study has also confirmed. Organizations need the depth of insights into their data, the proper analytical tools, automated detection & response and the expertise to shift their defense strategy from being rocked back on their heels to up on their toes.”
Nearly half of the professionals who participated in the study noted they didn’t have the time to threat hunt, and a third cited lack of skills. But almost all of them – 88% – believe threat hunting is a necessity.
With time, skills and resources cited as major barriers to sophisticated detection measures, outsourcing detection and response and threat hunting to a Managed Detection and Response (MDR) Service is an option that should be considered. MDR enables organizations to completely outsource or augment their teams to ensure accurate threat detection and swift response to minimize dwell time.
Other findings from the report include:
- Organizations don’t have enough faith in their preventive solutions – with just 22% stating that they felt ‘highly confident’ in their preventive defenses when faced with a targeted attack
- Insufficient security resources and the lack of automation for IR and investigations are among the biggest issues facing security teams today
- 53% of organizations that said they are not threat hunting said that they have no plans to do so
- 33% of respondents feel that ‘not enough resources’ is the biggest security issue that their organization is facing and 30% felt that ‘lack of automation for IR and investigations’ is the biggest security issue they face
Fidelis Cybersecurity is a leading provider of threat detection, hunting and response solutions. Fidelis combats the full spectrum of cyber-crime, data theft and espionage by providing full visibility across hybrid cloud / on-prem environments, automating threat and data theft detection, empowering threat hunting and optimizing incident response with context, speed and accuracy.
By integrating bi-directional network traffic analysis across your cloud and internal networks with email, web, endpoint detection and response, and automated deception technology, the Fidelis Elevate™ platform captures rich metadata and content that enables real-time and retrospective analysis, giving security teams the platform to effectively hunt for threats in their environment. Fidelis solutions are delivered as standalone products, an integrated platform, or as a 24×7 Managed Detection and Response service that augments existing security operations and incident response capabilities. Fidelis is trusted by Global 1000s and Governments as their last line of defense. Get in the hunt. For more information go to www.fidelissecurity.com.