Over a Quarter of Security Alerts Are False Positives

More than a quarter of security alerts fielded within organizations are false positives, according to new research from the Neustar International Security Council (NISC).

The NISC surveyed senior security professionals across five European markets and the US, highlighting the risks of alert fatigue currently being faced by businesses around the world.

As detailed in the research, more than two-fifths (43%) of organizations experience false positive alerts in more than 20% of cases, while 15% reported more than half of their security alerts are false positives.

The survey also revealed that enterprises, in response to growing cybersecurity threats, are investing more resources in network monitoring and threat intelligence technologies that create more alerts – and thus more false positives – for security teams.

“Security tools that simply produce large quantities of data to be analyzed, without contextualizing potential threats, are contributing to data overload, alert fatigue and burnout,” said Rodney Joffe, chairman of the NISC and SVP and fellow at Neustar.

“Cybersecurity teams are increasingly drowning in data and are overwhelmed by the massive volume of alerts, many of them false positives. To ensure these high-value employees in mission critical roles are well-equipped to separate the signal from the noise, enterprises need a curated approach to security data that provides timely, actionable insights that are hyper relevant to their own organization and industry.”

Curated threat data helps enterprises to counter real threats more effectively and spend less time chasing false positives, Joffe concluded.

What’s Hot on Infosecurity Magazine?