According to Ponemon’s “The State of Threat Hunting and the Role of the Analyst,” survey, which was commissioned by Team Cymru, “lack of awareness” and “gaps in knowledge” are among the top excuses by cybersecurity leaders in terms of potential risk exposure, indicating a potentially grim prospect for remote-work environments.
The inaugural survey looked at responses from 1,800 cybersecurity leaders and practitioners, examining their views on external threat-hunting and building defensive capabilities.
Of note, approximately 50 percent of organizational attacks were launched by what Ponemon called “repeat offenders,” with 61 percent of victims unable to remediate compromises, thus leaving critical systems and data at risk.
Similarly, just 35 percent of respondents leverage security analysts effectively, with just 19 percent of average organizational budgets (2021) allocated to IT security, and 22 percent of that amount specifically for “analyst activities” and “threat intelligence.
Top intelligence data types included dark web data (47 percent), domain registration data (42 percent) and endpoint telemetry (42 percent), with 61 percent acknowledging that their company’s threat intelligence “cloud not keep up with the changes in how threat actors attack their organizations.”
