A majority (80 percent) of organizations receiving 500 or more severe/critical alerts per day currently investigate less than one percent of those alerts, according to a new research report from Enterprise Management Associates (EMA), sponsored by Savvius, entitled Achieving High-Fidelity Security.
Some other key takeaways from the study include:
■ Not only do 68 percent of organizations suffer from some sort of staffing impact to their security teams, but larger organizations are collecting gigabytes to terabytes of data each day. It is impossible for organizations to hire enough people to create adequate context for the data and thus provide high-fidelity security information.
■ The adoption of tools that automate data capture increases the level of high-fidelity security information available to IT teams, greatly minimizing the risk of security breaches and the subsequent damage to targeted companies.
According to the author of the report, David Monahan, Research Director for Security and Risk Management at EMA, "Some companies turn a blind eye to network segments by not having their monitoring systems turned on or even installed, while others have log detail and collection settings that may not be high enough to provide sufficient detail. The data tells us they prefer to believe that they are protected, when in truth they are not. This phenomenon was common across various industry verticals and organization sizes, and was termed the Bravado Factor."
Mandana Javaheri is CTO of Savvius.