Australian security teams inundated with inaccurate alerts

A new report says Australian IT teams are being inundated with inaccurate cloud security alerts.

Cloud security specialist Orca Security surveyed 800+ IT and security workers in the US, Australia, UK, Germany and France to produce the ‘2022 Cloud Security Alert Fatigue Report’. The study found that 61% of Australian respondents receive more than 500 cloud security alerts per day — a large number of which are inaccurate or unnecessary.

Over a third (36%) of respondents said more than 40% of alerts are false positives, while more than 42% of respondents claim that over 40% of alerts are low priority.

This volume and inaccuracy leaves Australian organisations open to missing critical alerts. Of the 56% of respondents that claim critical alerts are being missed, 39% said this happens on a weekly basis, while 20% found it was a daily occurrence.

“Multiple, disconnected tools continue to plague security teams. Having to sift through hundreds of ‘high priority’, often meaningless alerts is causing security practitioners to become overwhelmed and leading to burnout and turnover. Australia is already in the midst of an ongoing skills shortage, with technology and cybersecurity staff in high demand, as a result of COVID-enforced border closures. Businesses therefore need to leverage technology to lighten the workload for staff, rather than having technology complicate tasks, in order to retain good talent,” said Avi Shua, CEO and co-founder, Orca Security.

“Practitioners should be enabled to focus on the very few toxic combinations of alerts and attack paths that can put their crown jewels in jeopardy, rather than trying to review thousands of meaningless alerts which are occurring as a result of businesses using multiple siloed public cloud security tools. Australian businesses need to work smarter not harder, and consolidate their tools, in order to protect their most valuable assets — their people and their data.”

Additional Australian findings suggest that security teams may be in denial about the effectiveness of their multiple security tools.

• 61% have five or more public cloud security tools.
• 94% of respondents say they feel confident or very confident in the accuracy of their security tools, even though 36% say more than nearly half (40%) of alerts are false positives.
• 97% of respondents say they are satisfied or very satisfied with how their security tools prioritise risk, even though 42% say that more than 40% of alerts are low priority.
   

For more information on the findings, you can download the Global Alert Fatigue Report here, with Australian-specific statistics located on page 21.

Image credit: ©stock.adobe.com/au/suebsiri