A new report reveals that cybersecurity analysts and teams are getting worn down by alert fatigue.
We've heard plenty of talk about this at SecureWorld conferences, and now researchers are putting numbers on the face of the problem.
HealthITSecurity has a good write-up on this:
To address alert fatigue, 57 percent of respondents tune specific alerting features or thresholds to reduce alert volume. This was the primary approach of 67 percent of respondents in 2018. Another 39 percent simply ignore certain categories of alerts, while 38 percent turn-off high-volume alerting features. Thirty-eight percent hire more SOC analysts.
"The alert overload problem extends beyond enterprise security levels and analyst investigation time, it fundamentally drives the business models, impacting staffing and operational processes," researchers wrote.
