Almost a third of IT professionals ignore cyber security alerts
Just over 30 percent of IT professionals admit to sometimes ignoring security alerts because of high volumes of false positives.
This is among the findings of a new survey from Skyhigh Networks conducted along with the Cloud Security Alliance which also reveals that 20 percent of companies have more than ten security tools that generate alerts.
Incident response will be the most important new skill in the next five years according to 80.4 percent of respondents. In addition 62.1 percent of businesses have security concerns about public cloud platforms such as AWS and Azure, 40.5 percent believe that they can't secure applications on these platforms, and 37.9 percent view the inability to store data in their own country to ensure compliance with data regulations as an issue.
The survey indicates that the use of endpoint agents has increased. However, all businesses indicated that they have experienced at least one significant issue -- such as driver conflicts, slow device performance or system crashes -- during deployment.
Whilst 94.3 percent of respondents expect their IT security budgets to increase or stay the same, they rank offshoring and increasing formal university education and as the least effective ways of handling the shortage of skilled IT security professionals.
"Alert fatigue is becoming a serious issue with 30 percent of organizations regularly ignoring them due to the frequency of false positives. Target is repeatedly referred to as an example of what can happen if cyber alerts aren't properly investigated, but its decision to not examine its red flags resulted in huge damage to its reputation and bottom line," says Nigel Hawthorn, chief European spokesperson at Skyhigh Networks. "The frequency and sophistication of cyber threats is exposing a serious lack of the relevant skills needed to maximize the full value of new technology. Businesses are forever playing catch up with hackers who are discovering new ways of probing networks, and firms are turning to more advanced cyber security solutions to compensate. To resolve the skills shortage, 37 percent of businesses believe that hiring junior IT professionals and investing in training is the most effective way".
More information on the findings is available on the Skyhigh blog.