Security pros are missing attacks due to an overload of pointless alerts

News
By
published

Security teams overwhelmed with notifications from vendors

cyber security
(Image credit: Pixabay)

It probably isn't much of a surprise that workers are overwhelmed with notifications and emails on a daily basis, but new research has suggested this is actually having a detrimental effect on day-to-day cybersecurity operations.

A Vectra AI survey has shown that 71% of security practitioners worry that they will miss a real attack buried in a flood of inconsequential alerts, as vendors scramble to cover all bases in an ever evolving threat landscape.

In some cases, threat detection tools are causing more problems than they solve, as 47% don’t trust their tools to work the way they need them to, and the majority (54%) say their workload has actually increased instead.

The signal and the noise

A staggering 81% of security pros spend over 2 hours per day trawling through and triaging security events, reporting that only 16% of the alerts they receive are ‘real attacks’.

Things are improving though, with teams are more confident in their defenses than they were a year ago. The introduction of AI is helping, with 73% saying their workload and burnout have reduced thanks to AI. Since AI is playing a bigger role in cyberattacks, many security pros are adopting it as part of their response.

“Teams believe AI delivers an attack signal that will help them identify and prioritize threats, accelerate response times, and reduce alert fatigue, however, trust needs to be rebuilt. AI-powered offerings are proving to have a positive impact, but to truly reestablish trust, vendors will need to show how they add value beyond just the technologies they sell,” said Mark Wojtasiak, vice president of research and strategy at Vectra AI.

The trust has certainly been broken between practitioners and vendors, so the introduction of AI tools may take some convincing, but almost all (89%) plan to use more AI tools to replace legacy threat detection and response.

More from TechRadar Pro

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.