CRITICALSTART released its third annual Security Operations Center (SOC) survey today, revealing that alert overload still plagues the cybersecurity industry. Forty-seven percent of respondents reported personally investigating 10 to 20 alerts each day, a 12-percent increase from 2019. Moreover, 25 percent of respondents said they investigate 21 to 40 alerts each day, up from 14 percent the year prior.
The Dallas-based security firm’s third annual report – Alert Overload Still Plagues Cybersecurity Industry – surveyed 100 SOC professionals across enterprises, Managed Security Services Providers (MSSPs) and Managed Detection & Response (MDR) providers to evaluate the state of incident response within SOCs from a variety of perspectives, including alert volume and management, business models, customer communications, and SOC analyst training and turnover.
Other key findings include:
- Positively False: Nearly 70 percent of respondents (68%) said that 25 to 75 percent of the alerts they investigate on a daily basis are false positives.
- Turning a Blind Eye: Almost half (49%) of all respondents said they turn off high-volume alerting features when there are too many alerts for analysts to process, creating the potential for a legitimate and serious alert to be missed.
- Back to School: 95 percent of respondents now report receiving more than 10 hours of training each year.
Additionally, CRITICALSTART used this year’s survey to examine the impact of COVID-19 on the cybersecurity industry during 2020. Key takeaways include:
- 66 percent of survey takers reported seeing an increase in alerts since the known spread of COVID-19 began in mid-March of 2020.
- 89 percent said they had been forced to work remotely as a result of COVID-19.
- 80 percent reported taking steps to change the security posture of their organization because of COVID-19-induced remote work.
To view the full report, please click here.
This entry was posted on March 9, 2021 at 11:31 am and is filed under Commentary with tags CRITICALSTART.
Alert Overload, False Positives Still Plague Cyber Industry: CRITICALSTART