ANZ SOC teams overconfident in security methods

Security operations teams in Australia and New Zealand are overestimating the effectiveness of their cybersecurity methods, according to research from threat detection and response company Vectra AI.

The company’s 2023 State of Threat Detection Research Report found that 88% of security operations centre analysts across the two markets feel their current cybersecurity methods are effective, despite the fact that they are unable to deal with 66% of alerts received.

Nearly seven in 10 (69%) respondents to a survey conducted for the report stated that the size of their attack surface has increased in the past three years, with SOC teams on average receiving 4450 alerts daily and spending nearly three hours per day manually triaging alerts.

These pressures are causing significant analyst burnout, with 58% of ANZ respondents considering leaving their job. Of those considering leaving, 37% attributed the decision to spending all their time sifting through poor-quality alerts, 44% reported feeling stressed all the time and 45% complained that they do not have the tools needed to secure their organisation.

Vectra AI Director of Security Engineering for Asia-Pacific and Japan Chris Fisher said the findings demonstrate that security teams are struggling with inadequate tools.

“SOC teams are, understandably, overwhelmed. The report highlights the disconnect between how teams view their security tools and solutions, and the fact that this tooling not only isn’t supportive but is greatly adding to existing pressure,” he said.

“We all know that hackers are becoming more sophisticated, but the solution is not to create more alerts. We need to be investing in solutions that look more closely at attacker behaviour and are able to filter out what doesn’t require further attention and what could be more serious.”

Image credit: iStock.com/Dilok Klaisataporn