
FireEye Says Cyber Defenses are Dilemmas to Security Teams

By Bankole Orija
01 October 2015   |   10:55 pm

A REPORT has revealed that most times, conventional cyber defenses actually hinder, not help, security teams.
In the report, “Spoiler Alerts: Four Ways Conventional Cyber Defenses Hinder, not Help, Security Teams” made available to Nigeria CommunicationsWeek, FireEye, a provider of next generation threat protection solutions, warned that too many alerts overwhelm security teams.

According to the report, alerts do not equal security, as a cyber defense that generates more alerts than insight can leave organizations less secure.

FireEye pointed out that “Today’s cyber defenses generate a torrent of security alerts. Some of them can be useful, even essential. Many are not. And telling the difference isn’t always easy. ‘Ask any security professional working incident response or within a security operations center, and they will tell you that deciding which threats to pursue and which to ignore has unfortunately become a daily, routine dilemma,’ wrote the CEO of a cyber security company who calls ignoring threat alerts ‘standard operating procedure.’”

Multiple alerts, some of which are not as critical as others, keep IT staff occupied with busywork, and this creates alert fatigue, which makes it harder for security teams to respond to the alerts that matter.
FireEye also said that “security teams can’t tell which alerts are important”, hence organizations can’t keep up.

Also, the report shows that urgent warnings get lost in the noise. “When valid warnings do appear, security teams don’t know what to do with them. Clearly, security teams can’t respond to every alert.”
According to a recent Ponemon Institute survey, 82% of all organizations said reducing false positives is a “difficult” or “very difficult” problem.

Add to that alerts for activities that, while genuinely malicious, do not represent critical threats.

For truly effective protection, FireEye said that security leaders must focus on the quality of alerts rather than the quantity.
