An Imperva survey conducted during RSA 2018 on cybersecurity event alerts found that a staggering 27 percent of IT professionals reported receiving more than one million threats daily, while 55 percent noted more than 10,000. Ultimately this overwhelming volume is causing cybersecurity alert fatigue.
Survey: CyberSecurity Event Alerts Overwhelming Security Teams
1. Survey Reveals Security Professionals are Suffering from Security Alert Fatigue
Survey of 179 IT professionals taken at the RSA Conference in April 2018
2. IT security analysts receive thousands of security alerts daily. To understand the impact of these alerts, Imperva surveyed 179 security professionals at RSA Conference 2018, the world’s largest cyber security gathering.
3. How many security alerts does your security operations center (SOC) receive daily?
0 – 9,999: 45%
10K – 49,999: 13%
50K to 99,999: 7%
100K to 999,999: 8%
More than 1M: 27%
5. What happens when your SOC has too many alerts to process?
Turn off alert notifications: 4%
Hire more SOC engineers: 10%
Ignore certain categories of alerts: 30%
Tune policies to reduce alert volume: 57%
6. Have you ever ignored an alert due to a previous experience with “false positive” alerts?
Yes: 56%
No: 44%
7. Does the volume of security alerts at your organization cause the SOC team to feel frustrated or stressed?
No stress: 6%
Average amount of stress/frustration: 28%
High amount of stress/frustration: 54%
Some stress/frustration: 11%
8. On a daily basis, how much time does your SOC team spend dealing with security alerts?
Less than 1 hour: 15%
1 – 2 hours: 17%
2 – 4 hours: 22%
More than 4 hours: 47%
9. “Enterprise security teams are often overwhelmed by an avalanche of security alerts and have difficulty identifying credible issues against false positives. To address this, organizations should look to security solutions that harness the power of artificial intelligence to group like events together and ultimately reduce the number of alerts so that teams can address critical issues more quickly and effectively.”
— Terry Ray, chief technology officer, Imperva
11. Imperva is a leading cybersecurity company that delivers best-in-class solutions to protect data and applications – wherever they reside – on-premises, in the cloud, and across hybrid environments.