According to IBM's Cost of a Data Breach report, the global average cost of a data breach in 2023 was $4.45 million, a 15% increase from 2020, underscoring the escalating financial impact on organizations. As cyber attacks continue to escalate in both frequency and sophistication, organizations are grappling with the challenge of staying ahead of malicious actors. Team Cymru's latest report surveyed 293 cybersecurity professionals to uncover the current state of threat hunting programs, their effectiveness, and the obstacles they face.

"The report paints a picture of a cybersecurity landscape where no organization is immune, as nearly half of the respondents have experienced a major breach in the last year," said David Monnier, Chief Evangelist at Team Cymru. "However, the silver lining remains the robustness of threat hunting programs, which played a crucial role in mitigating the impact of these breaches for 72% of those affected. These findings reinforce the critical need for organizations to seek new methods, including real-time threat intelligence, greater visibility of threats across third parties, and broader adoption of proactive security measures beyond their perimeter."

Key Findings:

Nearly 50% have experienced a major security breach in the past 12 months. Of those that did, 72% say their threat hunting program played a key role in preventing or mitigating the breach.

39% say their top challenges are lack of appropriate funding and lack of data to threat hunt against.

The majority say proactive detection of previously unknown threats is their top objective.

53% say they would quit their job today to go work at an organization that offered better threat hunting tools and technology even if paid less.

The most valuable threat hunting product is network forensic detection, netflow telemetry, raw network telemetry data and/or full packet captures.

The top priority for the next year is expanding third-party monitoring for signals of compromise.

About Team Cymru

Team Cymru's mission to Save and Improve Human Lives is fulfilled by empowering security teams around the world to track and disrupt the most sophisticated bad actors and malevolent infrastructures. Powered by the Pure Signal platform, the largest source of context-enriched external threat intelligence, our Enterprise and Government customers gain real-time visibility of vulnerabilities and malicious internet activity beyond network borders to proactively close security gaps and accelerate incident response across organizations and third-party ecosystems. Its Community Services provides no-cost threat detection, alerting, DDoS mitigation, and threat intelligence to more than 140 CSIRT teams across 86+ countries. Learn more at https://team-cymru.com.

