As cybercriminals and nation-states continue to improve the sophistication of attacks that bypass traditional preventive defenses, organizations must evolve their security defenses to reduce dwell time. Fidelis Cybersecurity asked cybersecurity leaders, security architects and security analysts about the evolution of their cyber defense strategies, including post-breach detection and response, as well as threat hunting.

Fidelis interviewed over 580 security professionals from around the globe to understand how they are shifting their security strategies. In the Fidelis 2018 State of Threat Detection Report, 63 percent of all respondents said they do not currently employ threat hunting or do not know if they do, with just over half (51 percent) of organizations with over 5000 employees stating that they threat hunt.

The report also addressed broader detection and response capabilities and found some unsettling indicators that suggest that post-breach detection strategies are not robust enough to deal with the tactics, techniques and procedures being used by today’s threat actors.

Overall, just 21 percent of respondents perceived their detection measures to be highly effective. Healthcare and federal public sector organizations have the lowest confidence levels with just 5 percent and 6 percent of respondents respectively stating that they felt their detection capabilities were highly effective. In addition, 45 percent of respondents stated that they do not have an endpoint detection and response solution currently in place and 38 percent of all participants stated that they do not have a breach detection strategy in place at all.

“In discussions with our enterprise customers from around the globe, a recurring theme is the desire to hunt for threats,” said Nick Lantuh, CEO of Fidelis. “The common challenges they face are the lack of resources and expertise necessary to do it right, which our study has also confirmed. Organizations need the depth of insights into their data, the proper analytical tools, automated detection & response and the expertise to shift their defense strategy from being rocked back on their heels to up on their toes.”

Nearly half of the professionals who participated in the study noted they didn’t have the time to threat hunt, and a third cited lack of skills. But almost all of them – 88 percent – believe threat hunting is a necessity.

With time, skills and resources cited as major barriers to sophisticated detection measures, outsourcing detection and response and threat hunting to a Managed Detection and Response (MDR) Service is an option that should be considered. MDR enables organizations to outsource or augment their teams to ensure accurate threat detection and swift response to minimize dwell time.

Other findings from the report include: