In recent years, threat hunting has become much more widely adopted, but today the definition of threat hunting is still quite a controversial topic. Threat hunting is the art of finding the unknown in your environment, going beyond traditional detection technologies, with active cyber defence activity, proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.
A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is the product of research from the cybersecurity organizations of five nations.
The process of threat hunting involves proactively searching for malware or attackers that are hiding within a network. Rather than simply relying on security solutions or services to detect threats, threat hunting is a predictive element to a layered security strategy, empowering organizations to go on the offensive looking for threats.
The FBI recently reported that in 2019, cybercrime cost businesses $3.5 billion, a number they say is likely grossly underestimated. Another study from Accenture that spanned 11 countries across 16 industries found that the complexity of attacks is also increasing. As a result, the average cost of cybercrime for an organization grew from $1.4 million to $13.0 million.