Does your organisation have a formalised threat hunting programme? If so - what were the key drivers for you in setting one up and what made it successful? If not - what is stopping you from setting this up?

Awareness & Training Threat Intelligence & Incident Response

688 views2 Comments

Sort by:

CISO in Software2 months ago

The first question to ask is whether you are ready with the data lake, resources and time to invest in this space. Not all companies can make this investment internally and are often best working with an external provider to explore this space as a project.

Chief of Information Security in Energy and Utilities2 months ago

If you have an IR retainer, I'd evaluate their threat hunting service. This usually provides 24/7 threat hunting at the cost of 1-2 FTE (e.g., CrowdStrike Overwatch). If you wish to build your team, consider your ability to attract and retain skilled staff while providing 24/7 coverage.

Content you might like

Which pitfalls—model bias, false positives/negatives, data quality, regulatory constraints—often impede AI-based security tools, and how can they be mitigated in a financial-services context?

Is your org using digital risk protection services (DRPS)?

Yes26%

We’re evaluating providers52%

We plan to add DRPS over the next year9%

No, but we’re discussing this option4%

No4%

Don’t know/other4%

View Results

How do you mitigate the impact of unexpected talent departures? Are there any tech solutions or other strategies you use to retain institutional knowledge?

Any tips for evaluating/implementing solutions for application detection and response? What’s your experience been like with these tools so far?

OWASP top 10 for LLMs - which ones are you most concerned about for the immediate future?

Prompt injection12%

Insecure output handling45%

Training data poisoning25%

Model denial of service16%

Supply chain vulnerabilities19%

Sensitive information disclosure26%

Insecure plugin design18%

Excessive agency10%

Over reliance on LLM11%

Model theft4%