Survey Reveals Shocking Lack of Confidence by IT Professionals in Cybersecurity Capabilities
LEXINGTON, Mass. and TEL AVIV, Israel, Sept. 16, 2020 (GLOBE NEWSWIRE) — A new survey conducted by Cybersecurity Insiders and commissioned by Hunters in August 2020 has revealed a shocking lack of confidence by IT professionals in their cybersecurity capabilities.
Among the high-level findings, the majority of respondents (64%) are moderately confident (or less) in their ability to respond to a cyberattack. Adding further insult to injury, 56% think their SOC is not mature enough to deal with emerging threats.
“Single-sensor threat detection technologies aren’t enough,” said Ofir Har Chen, VP of Operations and Intelligence at Hunters. “Without connecting data points across surfaces and conducting a rich threat analysis, attacks are left undiscovered. That’s why an overwhelming number of security leaders are now embracing XDR solutions and threat hunting automation technologies.” The survey found that 93% of organizations see threat hunting as a top security initiative.
Asked why, Har Chen said: “Well, for one, it takes 2.3x more time to investigate threats without threat hunting automation. Survey respondents also consider the automatic detection capabilities that threat hunting provides as a critical capability.”
XDR (Extended Detection and Response) is an emerging category that is set for explosive growth. The survey provides some intriguing data on what cybersecurity professionals are missing today — and what they want.
The industry is turning toward XDR to improve threat detection and response by covering all attack surfaces and reducing alert noise. The pace and breadth of threats outstrip human-based detection and single-point solutions, and they also overwhelm SOC teams' triage with a deluge of alerts and false positives.
Organizations realize that threat hunting automation is a viable way to greatly contextualize existing detections and organizational context, improving defenses against current and future attacks. Security leaders can provide their security analysts with powerful XDR solutions to enable earlier detection at scale, reduce dwell time, and improve breach detection.
Key findings include:
- 82% of respondents agree that attackers typically dwell on a network between 1 and 15 days, on average, before they’re discovered by the SOC. Only 13% report they can detect attacks within the same day, and almost half of organizations (47%) within 5 days.
- Respondents think 38% of advanced, emerging threats are missed by traditional security tools.
- Organizations confirm that it takes 4x more time to detect threats without a threat hunting platform, and more than twice the time to investigate threats without a threat hunting platform.
- The most important capability that cybersecurity professionals consider critical to the effectiveness of their threat hunting solutions is automatic detection (69%), followed by threat intelligence (62%), and integration and normalization of multiple data sources (48%).
- The top benefits organizations derive from threat hunting automation include improved detection of advanced threats (63%), followed by reduced investigation time (55%), and saving time manually correlating events (47%).

We would like to thank Hunters for supporting this important research.
The report surveyed 400 security decision makers across several industries, including financial services, healthcare, manufacturing, high-tech, government, and education.
Survey report: The Importance of Threat Hunting Automation for XDR.