TMCnet News
New McAfee Report Reveals Secrets of Successful Threat Hunters and SOCs

Black Hat - McAfee, one of the world's leading cybersecurity companies, today announced the release of Disrupting the Disruptors, Art or Science?, a new report investigating the role of cyberthreat hunting and the evolution of the security operations center (SOC). Looking at security teams through four levels of development (minimal, procedural, innovative and leading), the report finds that advanced SOCs devote 50 percent more time than their counterparts to actual threat hunting.

The Threat Hunter

Threat hunting is becoming a critical role in defeating bad actors. A threat hunter is a professional member of the security team tasked with examining cyberthreats using clues, hypotheses and experience from years of researching cybercriminals, and is incredibly valuable to the investigation process. Per the survey, companies are investing in and gaining different levels of results from both tools and structured processes as they integrate "threat hunting" activities into the core security operations center.

As the focus on professional threat hunters and automated technology increases, a more effective operations model for identifying, mitigating and preventing cyberthreats has emerged: human-machine teaming. In fact, leading threat hunting organizations are using this method in the threat investigation process at more than double the rate of organizations at the minimal level (75 percent compared to 31 percent).

"Organizations must design a plan knowing they will be attacked by cybercriminals," said Raja Patel, vice president and general manager, Corporate Security Products, McAfee. "Threat hunters are enormously valuable as part of that plan to regain the advantage from those trying to disrupt business, but only when they are efficient can they be successful. It takes both the threat hunter and innovative technology to build a strong human-machine teaming strategy that keeps cyber threats at bay."
Results:
Strategies:
Tactics:
The Threat Hunter Playbook: Human-Machine Teaming

Aside from manual study in the threat investigation process, the threat hunter is key in deploying automation in security infrastructure. The successful threat hunter selects, curates and often builds the security tools needed to thwart threats, and then turns the knowledge gained through manual investigation into automated scripts and rules by customizing the technology. This combination of threat hunting with automated tasks is human-machine teaming, a critical strategy for disrupting cybercriminals of today and tomorrow.

For more information on threat hunting, including the report and executive summary, visit https://www.mcafee.com/soc-evolution. For more information on Human-Machine Teaming, visit the McAfee blog:
Survey Methodology

In the spring of 2017, McAfee worked with a third party to survey over 700 IT and security professionals selected from a third-party database to represent a diverse set of countries, industries, and organization sizes. Participants worked for organizations with more than 1000 employees. Respondents, whose job duties include threat hunting, came from Australia, Canada, Germany, Singapore, the United Kingdom and the United States.

About McAfee

McAfee® is one of the world's leading independent cybersecurity companies. Inspired by the power of working together, McAfee creates business and consumer solutions that make the world a safer place. www.mcafee.com

McAfee and the McAfee logo are trademarks of McAfee LLC in the United States and other countries. *Other names and brands may be claimed as the property of others.

View source version on businesswire.com: http://www.businesswire.com/news/home/20170725006586/en/