Cloud security has reached a new level of complexity. As code is being deployed to the cloud at breakneck speed, bugs and security holes abound. Large-scale breaches resulting from human error have become commonplace.
Security professionals are under increased pressure to protect their multicloud environments.
In this complex and fast-paced environment, defenders can’t afford to waste time investigating hundreds to thousands of unprioritized, duplicative and/or inaccurate alerts. Security teams become overwhelmed as they spend hours each day reviewing alerts to determine which issues need to be fixed first.
This results in missing alerts that matter, low morale and turnover — all of which are symptoms of alert fatigue.
Security teams waste valuable time manually correlating high-volume, low-risk alert data from multiple security tools. These alerts lack context and actionable details, forcing security professionals to do all the heavy lifting. And with a flood of false positives, teams become desensitized to alerts and miss the ones that matter most. The result? Alert fatigue.
New research shows that alert fatigue often occurs when different security tools generate alerts spread across multiple clouds.
Recently, Orca Security commissioned a survey of 813 IT security professionals to understand the prevalence and effects of alert fatigue. The results were shocking. Fifty-nine percent of respondents reported receiving more than 500 security alerts every day from their public cloud security tools.
As more organizations move to multicloud environments, security teams are adopting different types of disconnected tools that contribute to daily alert volume.
As shown in the chart below, companies are adopting a multicloud strategy. The vast majority (81%) of respondents reported they use more than one public cloud platform; 55% of respondents reported using three or more.
In addition, the vast majority of respondents use three or more public cloud security tools (87%), with 57% using five or more. As shown in the chart below, there appears to be a correlation between number of tools and alert fatigue.
The types of tools most used are network scanning tools (84%), followed closely by cloud platform-native security tools (82%).
A notable trend emerged: respondents with multicloud environments and multiple tools deployed reported the highest volume of daily alerts.
The data show that the more tools security teams deploy, the more alerts they receive. The proportion of false positives also seems to increase as more tools are deployed. This adds more alerts to the daily stream, some of which come from multiple tools reporting the same issues, creating duplicate work for security teams.
Alert fatigue has now become a critical risk for IT and security leaders to manage. In fact, 55% of respondents said their team has missed critical alerts in the past due to ineffective alert prioritization. Of these respondents, 22% said they missed critical alerts daily, 41% weekly and 26% monthly.
According to the survey, the respondents’ awareness of security tool performance may be part of the problem. While the vast majority of the IT security decision-makers noted they believe their cloud security tools work fine, they still report alert fatigue as a significant problem and have experienced security issues as a result. Ninety-five percent of respondents feel confident in the accuracy of their security tools, yet 43% say more than 40% of their alerts are false positives and/or a low priority. It’s clear that there are some rose-colored glasses when it comes to cloud security tool performance.
The number of security alerts flowing out of public cloud environments wastes valuable time and hurts morale. Fifty-six percent of respondents say they spend more than 20% of their day prioritizing alerts for investigation.
Sixty-two percent reported alert fatigue as a contributing factor to turnover — something organizations can ill afford in an environment with a zero unemployment rate for IT security professionals.
The new report provides five ways that IT security leaders can address alert fatigue while improving security outcomes.
To benchmark yourself against your peers and gain valuable insights and best practices, download the Orca Security 2022 Cloud Security Alert Fatigue Report.