Over the past several years, the cybersecurity threat landscape has become increasingly unpredictable and precarious, prompting heightened concern among businesses and government entities fearful they could become the next victim of a major attack. However, according to a new global study commissioned by Raytheon, businesses have yet to take a proactive stance against cyber threats.
Raytheon’s study, Don’t Wait: The Evolution of Proactive Threat Hunting, which was conducted by the Ponemon Institute in April 2016, is based on a survey of 1,784 information security leaders in 19 countries on how organizations are using managed security services (MSS) to strengthen their security posture. Fifty-six percent of respondents said their organizations currently engage an MSSP.
The survey revealed that a lack of expertise, personnel and resources is a significant roadblock standing in the way of an organization’s development of an effective cybersecurity posture.
Although many information security leaders believe MSS plays a critical role in helping organizations develop a proactive cybersecurity strategy, two-thirds of organizations not currently using an MSSP stated that they wait to act until their organization experiences a significant data loss from an IT security breach.
“A breach would confirm that the organization’s risk of compromise is high, so it becomes a priority,” the report stated.
Furthermore, eighty-four percent of those surveyed said their provider does not offer proactive hunting services, a critical tool to help find advanced threats based on behaviors and anomalies. According to the study, the increase in damaging, high-profile security breaches in recent years can be attributed, in part, to the lack of proactive threat hunting services.
“There is only one way to find the most sophisticated, damaging cyber threats attacking a company’s network: proactively hunt for them,” said David Amsler, president of Raytheon Foreground Security. “Too many organizations today rely on reactive models and automated tools that attempt to detect threats through signature-, rule- or sandbox-driven models. The reactive approach is not enough to stop the determined and sophisticated adversaries which are most often the cause of significant damage or data loss.”
The survey also found that the responsibility for relationships with MSSPs is shifting as cybersecurity becomes a whole-of-business issue, and not just a problem relegated to the IT department. Fifty-nine percent of those surveyed said the responsibility for the MSSP is shifting from IT to the lines of business.
The report asserted that organizations can no longer rely on the old adage of building higher walls, which has proven insufficient in the face of increasingly damaging and sophisticated cyber threats. Organizations must move from a reactive approach to cybersecurity to a proactive one that detects, isolates and eradicates threats through an in-house team, an MSSP, or a hybrid solution that includes both.
“Cybersecurity is not a waiting game, and organizations without the expertise and tools required to identify and respond to skilled adversaries need to understand that,” said Jack Harrington, vice president of cybersecurity and special missions at Raytheon Intelligence, Information and Services. “The old approach waited for technology to flag known threats. In contrast, skilled hunters like those on our team proactively seek emerging threats and stop them before businesses suffer damage.”