Intelligent CIO APAC Issue 38 | Page 76


Spiral of more threatens security teams’ ability to defend their organization
Manual alert triage costs organizations $3.3 billion annually in the US alone, and security analysts are tasked with the massive undertaking of detecting, investigating and responding to threats as quickly and efficiently as possible while being challenged by an expanding attack surface and thousands of daily security alerts.
The study found:
• 63% report the size of their attack surface has increased in the past three years.
• On average, SOC teams receive 4,484 alerts daily and spend nearly three hours a day manually triaging alerts.
• Security analysts are unable to deal with 67% of the daily alerts received, with 83% reporting that alerts are false positives and not worth their time.
SOC analysts don’t have the tools to do their jobs effectively
Despite a majority of SOC analysts reporting their tools are effective, the combination of blind spots and a high volume of false positive alerts is preventing enterprises and their SOC teams from successfully containing cyberrisk. Without visibility across the entire IT infrastructure, organizations are not able to identify even the most common signs of an attack, including lateral movement, privilege escalation and cloud attack hijacking.
The study also found:
• 97% of SOC analysts worry about missing a relevant security event because it’s buried under a flood of alerts, yet the vast majority deem their tools effective overall.
• 41% believe alert overload is the norm because vendors are afraid of not flagging an event that could turn out to be important.
• 38% claim that security tools are purchased as a box-ticking exercise to meet compliance requirements and 47% wish IT team members consulted them before investing in new products.