2020 Threat Hunting Report [ DomainTools ]

Download the 2020 Threat Hunting Report by completing the form on the right.

Threat hunting is a new discipline for most organizations, established in response to new security challenges to focus on proactively detecting and isolating Advanced Persistent Threats (APTs) that might otherwise go undetected.

While many SOCs are struggling to cope with the current security threat workload, organizations are making the switch to include threat hunting as part of their security operations. They are discovering that proactive threat hunting can reduce the risk and impact of threats while improving defenses against new attacks.

In 2020, Cybersecurity Insiders conducted the third annual research project on threat hunting to gain deeper insights into the maturity and evolution of the security practice. The research confirms that organizations are increasing their operational maturity and investments in threat hunting.

Organizations realize that proactively uncovering security threats pays off with earlier detection, faster response, and effective denial of future exploits that can damage business operations.

Key finding include:

• Although threat hunting is still an emerging discipline, 93% of organizations agree that threat hunting should be a top security initiative to provide early detection and reduce risk. Fiftythree percent strongly agree, an increase of nine percentage points since last year’s survey.

• More than half of organizations (61%) have experienced an increase in the severity of attacks at a rate of 2x or more over the last 12 months. A similar share of SOCs (64%) have experienced an increase in the frequency of cyber attacks over the last 12 months.

• Understanding Indicators of Compromise (IOCs) allows organizations to develop effective
defense methodologies that help with rapid detection, containment, and denial of future
exploits. Our research reveals that hunt teams most frequently investigate behavioral
anomalies (74%), followed by suspicious IP addresses (59%) and denied/flagged connections (tied at 59%).

• When asked whether organizations are seeing challenges when hiring threat hunting
professionals as a remote workforce in the wake of the COVID pandemic, four of six say that hiring threat hunters will become more difficult. Half say that hiring difficulty will be about the same; only 10% see hiring to be less difficult.

We would like to thank DomainTools for supporting this unique research.

We hope you enjoy the report.

More Popular Resources