Lack of resources thwarting cyber security threat hunting

clock • 2 min read

Security teams lack the resources and time to proactively search for threats

Almost three-quarters (74 per cent) of organisations fail to employ ‘threat hunters' due to a lack of resources.

That's according to a new report from Computing and Carbon Black that gauges the opportunities and obstacles facing a more proactive approach to cyber security, known as threat hunting.

In addition to those who steer clear due to time constraints, a further 23.4 per cent do not use threat hunters due to a lack of time, signalling the strain cyber security teams are under.

The finding echoes reports this week concerning the Government Cyber Governance Health Check 2018's revelation that only 16 per cent of the boards of UK's FTSE 350 companies have a sound understanding of the potential impact that a cyber-attack could have on their organisation.

Computing's research into threat hunting reinforces these findings, highlighting a lack of board-level buy-in when it comes to a proactively seeking out security weaknesses and breaches. As the report explains:

"It's true that threat hunting offers business benefits, such as increased control and the ability to counter ever-more complex cyber attacks. But leadership buy-in is key to investment in threat hunting. This is partly about positioning ROI in the right way. It's also about budgets.

"According to our survey, a third of boards demand provable ROI on security operations. It's certainly a challenge, and it makes proactive protection that much harder.

"However, the cost of security breaches is rising. On top of the damage to reputation and operational disruptions, the EU General Data Protection Regulation (GDPR) stipulates that fines of up to four per cent of turnover can be applied to those firms that suffer a breach. This can end up costing tens of millions of pounds."

Given this stark reality, boards should be aware of the fact that ROI is clearly evident when the alternative is toying with the risk of huge fines and incalculable reputational damage.

To learn more, read the full report: Outsmarting the Smart: Entering the Age of Threat Hunting.

Related Topics

You may also like
Windows 11 security ineffective against attacks on old device drivers, say researchers

Threats and Risks

Windows 11 security ineffective against attacks on old device drivers, say researchers

34 vulnerable drivers could grant an attacker full control of a hardware device

clock 07 November 2023 • 2 min read
Accidental exclusion exacerbating cyber's staffing problem

Careers and Skills

Accidental exclusion exacerbating cyber's staffing problem

Many people who would excel in cybersecurity roles see no obvious way in, with those that do make it getting stuck in entry-level positions

clock 12 May 2023 • 4 min read
Former Head of Police National Cyber Crime Unit joins Cybersecurity Festival

Leadership

Former Head of Police National Cyber Crime Unit joins Cybersecurity Festival

Charlie McMurdie spent 32 years in the Met and built the Police Central e-crime Unit

clock 29 March 2023 • 2 min read
Author spotlight

Computing Staff

View profile
More from Computing Staff

IBM to acquire HashiCorp for $6.4bn

UK IT Awards: Your questions answered

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

Get the newsletter

More on Security

BlueVoyant chooses Leeds for new Security Operations Centre
Security

BlueVoyant chooses Leeds for new Security Operations Centre

The new SOC will boost customer compliance with regulations like NIS2 and DORA

Penny Horwood
Penny Horwood
clock 25 April 2024 • 4 min read
Met police disrupt LabHost scam-as-a-service website
Security

Met police disrupt LabHost scam-as-a-service website

Dozens arrested globally and thousands sent warnings

Penny Horwood
Penny Horwood
clock 18 April 2024 • 3 min read
Last chance to register for Cybersecurity Festival 2024
Security

Last chance to register for Cybersecurity Festival 2024

Book your free place today

Computing Staff
clock 18 April 2024 • 2 min read