June 8, 2016 by Canadian Underwriter
Two-thirds of respondents to a global study commissioned by technology and innovation company Raytheon have indicated that not until there is a “significant data loss” from an IT security breach are their organizations motivated to engage a vendor.
Don’t Wait: The Evolution of Proactive Threat Hunting, released on Monday, found that organizations worldwide wait until they fall victim to a damaging cyberattack before engaging a provider of managed security services (MSS). The survey included 1,784 information security leaders in 19 countries across North America, Europe, the Middle East and Asia Pacific who are familiar with their organization’s MSS, including Canada, the United States, United Kingdom and Australia, among others.
According to the survey, organizations are looking for more from their providers than traditional services such as firewalls, intrusion detection and virtual private networks. To truly defend their networks from attacks amidst staff shortfalls, budget pressures and higher-risk cyber environments, security leaders are adopting MSS that include advanced capabilities like hunting, incident response and integration services, currently offered by a small subset of today’s providers.
“Cybersecurity is not a waiting game, and organizations without the expertise and tools required to identify and respond to skilled adversaries need to understand that,” said Jack Harrington, vice president of cybersecurity and special missions at Raytheon Intelligence, Information and Services. “The old approach waited for technology to flag known threats. In contrast, skilled hunters like those on our team proactively seek emerging threats and stop them before businesses suffer damage.”
The study found that 80% of respondents reported that MSS are important to their overall IT security strategy. However, there is room for improvement: 84% said that their provider does not offer proactive hunting services even though they effectively find the most insidious threats impacting enterprises and governments alike. Still, security leaders rely on MSS because: it improves their cybersecurity posture (59%), finding and retaining in-house top talent is a challenge (58%) and they lack in-house technology (57%).
“There is only one way to find the most sophisticated, damaging cyber threats attacking a company’s network: proactively hunt for them,” said David Amsler, president of Raytheon Foreground Security, in the statement. “Too many organizations today rely on reactive models and automated tools that attempt to detect threats through signature-, rule- or sandbox-driven models. The reactive approach is not enough to stop the determined and sophisticated adversaries which are most often the cause of significant damage or data loss.”
Other study findings include: