White Paper
InfoBrief: A Day in the Life of a Cyber Security Pro
Date: 05/17/2017 Length: 12 pages Cost: $99.00


Abstract:
The data indicates that alerting systems are not operating in a generally efficient manner. Many incidents are automatically misclassified as critical alerts. By itself this problem is unacceptable, but added to the fact that a large number of alerted incidents are actually false positives that should not have been generated in the first place, it is becoming easier to see why security teams feel stressed and overwhelmed. Because of the time needed to manually investigate each alert to determine whether it is really critical or a false positive, teams are falling behind on alerts, creating a huge backlog of unworked tickets. This is a strong reason why dwell time for breaches is over six months. Many organizations turn to "tuning" systems to reduce generated alerts, leading to the scenario where real alerts are never generated due to improper tuning.

While larger teams could solve the problem, trained personnel are not available and this particular solution does not scale. It also does not address the root of the problem. Ultimately, this is a tools issue. The systems are not given enough context at alert creation to properly classify the incoming alerts and identify vulnerabilities.

Read more to understand the issues surrounding these problems. 

Author: David Monahan

©1996-2017 Enterprise Management Associates, Inc. All rights reserved.
EMA™, ENTERPRISE MANAGEMENT ASSOCIATES®, and the mobius symbol are registered trademarks or common-law trademarks of Enterprise Management Associates, Inc.