It shows that 71% of organisations may have experienced a data or cyber breach and not be aware about it, with the report suggesting that modern security technologies are currently not fit for purpose.
This news comes at a time of mass cyber insecurity, as many reports are being released detailing how cyber attacks have become increasingly more sophisticated. It ultimately speaks to wider concerns about increased cyber threats and the warfare on online security systems.
Cybersecurity operations cannot deal with 67% of alerts
It is very important for organisations to prioritise cybersecurity and to put protective measures in place, including 2FA, audits and employee education.
According to Vectra’s report, more attacks results in more alerts and more costs for the company, as well as greater inefficiencies leading to more company breaches. The report also surmised that 97% of analysts are worried they will miss security threats and how analysts are being overwhelmed, as they receive 4,484 alerts on average per day, but can’t cope with 67% of them.
As a result, two thirds (67%) of SecOps (Security Operations) analysts are considering or actively leaving their jobs.
Vectra’s survey of more than 2,000 IT security analysts found the size of their organisation’s attack surface (63%) and the number of security tools (70%) and alerts (66%) they manage, has significantly increased in the past three years.
- 39% say that it is only a matter of time until they miss something
- 39% agree that security tools increase their workload rather than reduce it
- 41% agree that security vendors flood analysts with pointless alerts due to being afraid of not flagging a breach
In addition, less than a third of security analysts believe their tools are “very effective,” as analysts acknowledge the same tools are responsible for fostering a growing number of blind spots and are contributing to an overload in alerts.
Sorting through false alerts costs organisations approximately US$3.3bn annually in the US alone, according to the report.
Warnings in a report such as this highlight the huge impact that ransomware and cybersecurity attacks are having on businesses worldwide. Businesses are already missing crucial hacks, much like Fujitsu at the end of 2022 whose security failings resulted in the company not detecting the data breach for eight months and more than 1700 companies being impacted.
In May 2023, over 98 million records were compromised alone.
“As enterprises shift to hybrid and multi-cloud environments, security teams are continually faced with more - more attack surface, more attacker methods that evade defences, more noise, more complexity, and more hybrid attacks,” said Kevin Kennedy, Senior VP of Products for Vectra AI.
“The current approach to threat detection is broken, and the findings of this report prove that the surplus of disparate, siloed tools has created too much detection noise for SOC analysts to successfully manage and instead fosters a noisy environment that’s ideal for attackers to invade.
He continued: “As an industry, we cannot continue to feed the spiral, and it’s time to hold security vendors accountable for the efficacy of their signal. The more effective the threat signal, the more cyber resilient and effective the SOC becomes.”
Please also check out our upcoming event - Sustainability LIVE in London on September 6-7 2023.
BizClik is a global provider of B2B digital media platforms that cover Executive Communities for CEOs, CFOs, CMOs, Sustainability Leaders, Procurement & Supply Chain Leaders, Technology & AI Leaders, Cyber Leaders, FinTech & InsurTech Leaders as well as covering industries such as Manufacturing, Mining, Energy, EV, Construction, Healthcare + Food & Drink.
BizClik – based in London, Dubai, and New York – offers services such as Content Creation, Advertising & Sponsorship Solutions, Webinars & Events.