Alert overload still plagues cybersecurity industry
2021-03-11 05:00

Alert overload still plagues the cybersecurity industry, according to Critical Start.

Forty-seven percent of respondents reported personally investigating 10 to 20 alerts each day, a 12% increase from 2019.

25% of respondents said they investigate 21 to 40 alerts each day, up from 14% the year prior.

"This is a problem that isn't going away, so it is imperative that enterprises invest in the people, process, and technology that are needed to combat this alert overload."

Researchers surveyed 100 SOC professionals across enterprises, Managed Security Services Providers and Managed Detection & Response providers to evaluate the state of incident response within SOCs from a variety of perspectives, including alert volume and management, business models, customer communications, and SOC analyst training and turnover.

Turning a blind eye: Almost half of all respondents said they turn off high-volume alerting features when there are too many alerts for analysts to process, creating the potential for a legitimate and serious alert to be missed.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/vIcy4gxpohk/