A quarter of the working week (10 hours) is spent addressing false positive alerts, a survey of 600 IT and cybersecurity professionals has revealed.
Conducted by security company Deep Instinct, the survey found the rest of the time is spent keeping the boat afloat by rolling out security patches and software updates. Consequently, very little time is left for improvements or creative thinking.
False positives happen when cybersecurity tools flag network or app behavior as potentially dangerous and it turns out to be benign. Lately, many IT teams have been adding multiple new tools to their arsenal, but this has contributed to serious alert fatigue, which is a risk in itself.
According to the report, ransomware and zero-day attacks are now considered the number one threat by most organizations, mostly because employees can’t keep up with the cadence of cyberattacks.
To make matters worse, the overwhelming volume of false positives greatly contributes to low staff morale.
“Recent major events have placed a heightened priority on security, but these threats have long deserved the attention they’re just now getting on a global level. As we work to implement a stronger layer of defense, it will be just as important to protect the hard-working employees that sit in the SOC as it is to secure the business,” said Guy Caspi, Deep Instinct CEO.