Orca Security has launched its Orca Security 2022 Cloud Security Alert Fatigue Report, the industry’s first research report on public cloud security alert fatigue, which revealed that Australian security teams are inundated with inaccurate cloud security alerts.
The research report, which surveyed IT and security professionals across multiple industries, found that 61 per cent of Australian respondents receive more than 500 cloud security alerts per day, a large number of which are inaccurate or unnecessary: over a third (36 per cent) of respondents said more than 40 per cent of their alerts are false positives. Furthermore, 42 per cent of respondents claim more than 40 per cent of alerts are low priority.
The overload of alerts, combined with the widespread inaccuracy of those alerts, is not only contributing to turnover but is also resulting in many Australian businesses missing critical alerts. Of the 56 per cent of respondents who say that critical alerts are being missed, 39 per cent said alerts are being missed on a weekly basis, and 20 per cent said on a daily basis.
According to Avi Shua, CEO and co-founder of Orca Security, multiple, disconnected tools are continuing to plague security teams.
“Having to sift through hundreds of ‘high priority’ often meaningless alerts is causing security practitioners to become overwhelmed and leading to burnout and turnover.
“Australia is already in the midst of an ongoing skills shortage, with technology and cyber security staff in high demand, as a result of COVID-enforced border closures.
“Businesses therefore need to leverage technology to lighten the workload for staff, rather than having technology complicate tasks, in order to retain good talent,” Shua said.
The findings suggest that security teams may be in denial about the effectiveness of their multiple security tools:
Orca Security is designed to provide instant-on security and compliance for AWS, Azure and GCP without the gaps in coverage, alert fatigue, and operational costs of agents or sidecars – simplifying cloud security operations with a single CNAPP platform for workload, data protection, cloud security posture management (CSPM), vulnerability management, and compliance.
Shua further explains that practitioners should be enabled to focus on the very few toxic combinations of alerts and attack paths that can put their crown jewels in jeopardy, rather than trying to review thousands of meaningless alerts which are occurring as a result of businesses using multiple siloed public cloud security tools.
“Australian businesses need to work smarter not harder and consolidate their tools in order to protect their most valuable assets – their people and their data,” Shua concluded.