"Alert Overload Distressing 70% of SecOps Teams"

Researchers at Trend Micro conducted a new study in which they polled 2300 cybersecurity decision-makers who run Security Operations Centers (SOCs) or SecOps from within their IT security function. The researchers found that nearly three-quarters of security operations (SecOps) leaders say the stresses of alert overload are impacting their home lives. Over half (51%) of the participants stated that their team is being overwhelmed by the volume of alerts, and 55% admitted that they aren’t confident in their ability to prioritize and respond to them. On average, respondents said they’re spending over a quarter (27%) of their time dealing with false positives. This is taking its toll emotionally, with 70% of participants claiming they feel so stressed outside of work that they cannot switch off or relax and are irritable with friends and family. In the SOC or IT security department, many admitted to turning off alerts (43%), walking away from their computer (43%), hoping another team member would step in (50%), or ignoring alerts entirely (40%). The researchers stated that the study revealed the inadequacy of current tooling to help SOCs and SecOps teams prioritize alerts generated from multiple security controls.

 

Infosecurity reports: "Alert Overload Distressing 70% of SecOps Teams"

Submitted by Anonymous on