IT disaster recovery, cloud computing and information security news


Security teams spend 25 percent of their time chasing false positives

Exabeam and the Ponemon Institute have published research results which reveal that, on average, security personnel in US enterprises waste approximately 25 percent of their time chasing false positives because security alerts or indicators of compromise (IOCs) are erroneous. The report also highlighted the need for security operations centre (SOC) productivity improvements, noting that security teams must evaluate and respond to nearly 4,000 security alerts per week.

The persistent struggle to improve productivity revealed the need for newer security information and event management (SIEM) technologies such as user and entity behaviour analytics (UEBA) and security orchestration, automation and response (SOAR).

While the study found that chasing false positives is the most time-consuming task for security teams, it also showed that investigating actionable intelligence and building incident timelines, and cleaning, fixing and/or patching networks, applications and devices resulting from an incident, each take over 15 percent of a security team’s time. These inefficiencies can extend response times to cyber attacks, leaving organizations vulnerable to data and financial losses for longer periods.
  
The Ponemon survey, sponsored by Exabeam, sought the opinions of 596 experienced IT and IT security practitioners in the United States. All respondents were familiar with their organization’s SIEM deployment and involved in the detection, investigation and/or remediation of security threats inside its network.
