As we have discussed on this blog, guarding the perimeters and responding to firewall threats is no longer sufficient cybersecurity. Today’s pernicious attackers have far too many ways to make inroads into your company’s networks. Further, as recent data breaches attest, attackers have become dangerously good at hiding on enterprise networks for long periods of time. To optimize your data security, you need a threat hunter. It doesn’t require a mask and cape, but it does require proactive monitoring and neutralizing of network threats before they materialize.
Threat hunting essentially flips the script on passive data security that simply seeks to respond to security incidents and alerts. Threat hunting will require your company to identify potential vulnerabilities within your systems and network in order to protect those assets first.
Threat hunter: Internal hire?
To be effective at hunting, security teams will need access to internal and external telemetry and threat intelligence. An article in the MIT Technology Review points out that the cybersecurity and IT teams must be a force united in securing applications and data, especially since websites and back-end systems are being opened by a whole host of partners, customers, and consumers in ways like never before. “The seamless process flows mean more things can go wrong,” the article states, suggesting that any applications the company uses should have embedded security controls set at the highest levels of protection by default. Being proactive in data security requires protection at the default posture.
Or external hire?
Another perspective in DarkReading.com suggests that having trained analysts with, “a diverse range of skills on your team is another necessity.” These skills should include security operations skills, incident response, forensics, and malware analysis. From this angle, many companies find hiring a managed service provider for their IT a worthy investment. It is nearly impossible for 1-2 people to have all the skills needed to handle all of the data security as well as the daily IT needs a business needs to keep it moving forward. This is where an MSP differentiates itself from an in-house IT person. MSPs have deep skills in a wide range of technologies and are capable of threat hunting at a level that reduces risks for the long-term.
Hunting is about taking a proactive approach to dealing with threats on your network. Is your company looking to make data security a priority this year? Contact us for a free assessment.