Threat hunters’ work lives.

Team Cymru this morning published a report looking at the challenges faced by cybersecurity analysts.

Measuring success is a challenge.

59% of the respondents said their organizations’ threat hunting program was only somewhat effective, and 38% said their biggest challenge was a lack of appropriate threat hunting tools. Nearly half (47%) said their main goal is to identify threats before an intruder is able to cause damage.

One of the top concerns among threat hunters is the inability to measure the success of their efforts:

“While there may be indicators that a program is successful, such as a decrease in alerts or incidents, it can be challenging to quantify the link between the program and these outcomes. Evaluating the success of a threat hunting program is important for determining whether their efforts are effectively reducing the risk of cyber attacks, identifying and mitigating threats, and improving the overall security posture of the organization. The inability to measure success can lead to difficulties in making informed decisions, allocating resources effectively, and justifying the value of the threat hunting program to stakeholders.”