Analysts need advanced automation tools to reduce fear of missing incidents
2021-02-17 05:00

Security analysts are becoming less productive due to widespread "alert fatigue", which results in ignored alerts, increased stress, and fear of missing incidents, according to an IDC survey of 350 internal and MSSP security analysts and managers.

"To solve these challenges, analysts are asking for advanced automation tools, like Extended Detection and Response, which can help reduce the fear of missing incidents while strengthening their SOC's cybersecurity posture."

Fear of missing incidents impacting most security analysts and managers.

As analysts experience more challenges managing alerts manually, their worry about missing an incident also increases: three in four analysts are worried about missing incidents, and one in four worry "a lot" about missing incidents.

Analysts need automated SOC solutions to combat the fear of missing incidents (FOMI). Less than half of enterprise security teams are currently using tools to automate SOC activities: respondents shared the top tools they use to investigate alerts, showing that less than half use artificial intelligence and machine learning technologies, security orchestration, automation and response tools, security information and event management software, threat hunting, and other security functions.

To manage their SOCs, security teams need advanced automated solutions to reduce alert fatigue and improve success by focusing on more high-skilled tasks like threat hunting and cyber investigations: when ranking the activities that are best to automate, threat detection was the highest on the analysts' wish list, followed by threat intelligence and incident triage.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/NKhkPWMamaA/