From Reactive to Proactive: How to Avoid Alert Fatigue

Alert fatigue. As cybersecurity teams and technologies get better at detecting threats, they are also becoming more inundated with alerts, warnings, and notifications. As a result, IT and cybersecurity professionals become desensitized to alerts, and may be less inclined to address them. In fact, 80% of organizations that receive more than 500 critical alerts per day investigate less than 1% of them¹. Many refer to this issue as “alert fatigue” since the constant barrage leaves you with too many alerts and not nearly enough time to respond to them all. If your team receives hundreds of alerts a day that are all labelled as the highest priority (or worse, not prioritized at all), how can they possibly know where to begin and which fires to put out first? Choosing incorrectly or not knowing where to begin wastes precious resources and may allow breaches to persist in your network for longer.

Spotlight

Secure Digital Solutions

Secure Digital Solutions (SDS) is one of the most seasoned consulting firms in information security management and governance, enterprise risk and compliance, and data privacy. We help CISOs integrate operations and GRC under maturity-based security management. Our engagements range from annual assessments and audit liaison work, to continuous information security management as a virtual security team.

OTHER ARTICLES

Authentication and Passwords Concerns Top New Ponemon Institute Report

Article | February 20, 2020

IT security practitioners are aware of good habits when it comes to strong authentication and password management, yet often fail to implement them due to poor usability or inconvenience, says the 2020 State of Password and Authentication Security Behaviors Report by Yubico and Ponemon Institute. According to the report, IT security practitioners and individuals are both engaging in risky password and authentication practices, yet expectation and reality are often misaligned when it comes to the implementation of usable and desirable security solutions. The tools and processes that organizations put in place are not widely adopted by employees or customers, making it abundantly clear that new technologies are needed for enterprises and individuals to reach a safer future together.


Covid-19 cyber security threat to impact businesses

Article | February 20, 2020

With millions of employees having to work from home, companies are having to look at how to keep as many business-critical functions running as possible while at the same time maintaining adequate security. “In the last week alone, we have seen phishing emails go from 25,000 a day to 125,000 – a 500 per cent increase – which means the risk is real,” explains Andrew Jackson, CEO of Intercity Technology. “Whilst firewalls included within domestic broadband routers are considered sufficient for personal use and occasional homeworking, they’re not necessarily capable of withstanding prolonged periods of remote working from a large proportion of the workforce, which is why we are seeing more businesses and their employees become the targets of malicious hackers. Just because employees are now home based doesn’t mean that security and privacy regulations such as GDPR are null and void and therefore, working closely with a trusted IT security partner is vital to help mitigate against any potential risks.”


The British government thinks process sensor cyber issues are real – what about everyone else

Article | February 20, 2020

When Joe refers to analogue devices, he is generally referring to ISA99 / IEC 62443 Level 0 devices, i.e. the sensors and actuators required in any cyber physical system. The vulnerability of these devices is often ignored as the security measures required to protect them are not purely technical but also involve physical and personnel security aspects along with process security (both of the metrology and processing by the device, as well as configuration management and control issues over the lifecycle of analogue devices). The security situation is not helped by the simplistic application of the triad of security goals (confidentiality, integrity and availability) to cyber physical systems.


What is Ransomware and What You Need to Know to Stay Safe?

Article | February 20, 2020

While there may be more than 1 billion pieces of malware prowling the internet for a chance to infect victims, one particular piece of nastiness has been inflicting financial losses and security headaches for years. Known as ransomware, its sole purpose is to block access to computer systems or files until the victim pays a ransom. These ransom demands fluctuate wildly, from the equivalent of a couple of hundred dollars to several hundred thousand. In the simplest terms, ransomware is a piece of malicious software that prevents users from using their devices or accessing their personal or important files, unless a sum of money is paid. Payment is usually demanded in cryptocurrency, such as Monero or Bitcoin. Victims are told to purchase these digital assets and then transfer them to the attackers.

