Security operations (SecOps) teams are struggling to respond to dozens of cybersecurity incidents every single day, according to a new report from Trellix.
The security vendor polled 9000 security decision makers from organizations with 500+ employees across 15 markets to compile its latest study, XDR: Redefining the future of cybersecurity.
It found that the average SecOps team has to manage 51 incidents per day, with 36% of respondents claiming they deal with 50 to 200 daily incidents. Around half (46%) agreed that they are “inundated by a never-ending stream of cyber-attacks.”
Part of the problem is the siloed nature of security and detection and response systems, the study claimed.
Some 60% of respondents argued that poorly integrated products mean teams can’t work efficiently, while a third (34%) admitted they have blind spots.
It’s perhaps no surprise, therefore, that 60% admitted they can’t keep pace with the rapid evolution of security threats.
This could be having a major impact on the bottom line. The vast majority (84%) of security decision makers Trellix spoke to estimated that their organization lost up to 10% of revenue from security breaches in the past year.
Medium size businesses ($50–$100m in revenue) lost an average of 8% in revenue, versus 5% for large businesses with a turnover of $10bn–$25bn. That could mean hundreds of millions of dollars are being thrown away each year due to inadequate SecOps.
Separate studies have highlighted the physical and mental toll this can take on SecOps analysts.
A Trend Micro report from last year claimed that 70% of first responders feel so stressed outside of work that they are unable to switch off or relax, and are irritable with friends and family.
Worse still, this pressure is leading to poor outcomes for threat detection and response.
In the SOC or IT security department, many respondents admitted turning off alerts (43%), walking away from their computer (43%), hoping another team member will step in (50%) or ignoring alerts entirely (40%).