SANS’s 2024 Threat-Hunting Survey Review

SANS's 2024 Threat-Hunting Survey Review

June 5, 2024 at 12:48PM

The 2024 SANS Threat-Hunting Survey reveals a growing maturity in threat-hunting methodologies, reflecting an increased adoption of formal processes in cybersecurity strategies. The survey also highlights evolving practices in sourcing intelligence, outsourcing threat hunting, and challenges related to skill shortages and tool limitations. Organizations are striving to enhance threat hunting with AI and ML, emphasizing its strategic importance.

Based on the meeting notes, here are the key takeaways:

1. The SANS 2024 Threat Hunting Survey shows a growing maturity in threat-hunting methodologies, with more organizations adopting formal processes despite challenges such as skill shortages and tool limitations.
2. The survey attracted participants from various industries, with a notable focus on cybersecurity and manufacturing, which has faced significant challenges from ransomware attacks.
3. The prevalence of cyber threats was highlighted, with business email compromise (BEC) and ransomware being the most prominent concerns identified by survey respondents.
4. Organizations have significantly evolved their threat-hunting practices, with changes occurring as needed, monthly, quarterly, or annually. Outsourced threat hunting is now used by 37% of organizations, and over half have adopted clearly defined methodologies for threat hunting.
5. Significant benefits from threat hunting include improved attack surface and endpoint security, more accurate detections with fewer false positives, and reduced remediation resources.
6. The survey also highlighted the increasing complexity and volume of cyber threats, with some organizations planning to implement AI and ML to tackle these challenges and intending to increase their investment in threat hunting by over 10% or even 25% in the next 24 months.

These are the clear takeaways from the meeting notes on the SANS 2024 Threat-Hunting Survey review.

Full Article