67% of daily security alerts overwhelm SOC analysts
2023-07-20 03:30

Manual alert triage costs organizations $3.3 billion annually in the US alone. Security analysts are tasked with the massive undertaking of detecting, investigating and responding to threats as quickly and efficiently as possible, while being challenged by an expanding attack surface and thousands of daily security alerts.

On average, SOC teams receive 4,484 alerts daily and spend nearly three hours a day manually triaging alerts.

Security analysts are unable to deal with 67% of the daily alerts received, with 83% reporting that alerts are false positives and not worth their time.

Despite a majority of SOC analysts reporting their tools are effective, the combination of blind spots and a high volume of false positive alerts is preventing enterprises and their SOC teams from successfully containing cyber risk.

The study also found that 97% of SOC analysts worry about missing a relevant security event because it's buried under a flood of alerts, yet the vast majority deem their tools effective overall.

Faced with alert overload and repetitive, mundane tasks, two-thirds of security analysts report they are considering or actively leaving their jobs, a statistic that could have a potentially devastating long-term impact on the industry.


News URL

https://www.helpnetsecurity.com/2023/07/20/soc-analysts-tools-effectiveness/