Large and small businesses differ in more than size. Large companies find it easier to adjust headcount and therefore to introduce new skillsets. For small businesses, on the other hand, adding just one person can represent a significant change to the payroll.
As IT solutions have progressed, becoming smarter, user-friendlier, more automated and more granular, smaller companies have been able to more finely adjust their investments and operations, helping them keep pace with bigger corporations. So far, IT security has followed a similar evolution. But will the rising trend of threat hunting change things?
The idea behind threat hunting is that some attackers are getting too smart for current IT security technology. They can penetrate defences without being detected, install malware, and develop their attacks at their leisure. However, in doing so, they leave traces that can be picked up by astute human beings, aka threat hunters.
These threat hunters use IT security tools to help them work better and faster, but their experience, knowledge and intuition are at the forefront of the initiatives to detect sophisticated attacks. As you might imagine, capable threat hunters do not grow on trees. Larger companies may be able to hire or train them, but this is unrealistic for many small businesses.
Should smaller businesses be worried about the rising need for threat hunters? There are at least two reasons for concern. First, attackers tend to pick easier, less protected targets to steal money, IP or other assets, and many small businesses already fit that description.
Second, attackers after bigger game may attack via their smaller, more vulnerable partners, which was how the high-profile attack in the US on the Target supermarket chain started. Smaller businesses might turn to the cloud and to managed detection and response (MDR) services for suitable solutions. However, effective threat hunting solutions need a certain minimum amount of (expensive) human resource that cannot be spread too thinly. Unless artificial intelligence can bridge the gap, SMBs may need another solution to avoid lagging behind their bigger counterparts.