Dubai: As cyber defences get ever more sophisticated, the threats posed by breaches are becoming just as complex, with nearly 50 per cent of security analysts in the region saying the ‘size of attack surface’ has increased in the last 3 years.
On average, SOC (security operations) teams in the two markets receive 6,736 alerts daily (around 2,252 more than the global average) and spend nearly two-and-a-half hours a day manually triaging alerts, according to findings from Vectra AI.
‘The ever-expanding attack surface combined with evolving attacker methods and increasing SOC analyst workload results in a vicious spiral of more that is preventing security teams from effectively securing their organization,’ according to the company.
A majority of SOC analysts have reported their tools are ‘effective’. Yet, the ‘combination of blind spots and a high volume of false positive alerts’ prevents regional enterprises and their SOC teams from successfully containing cyber risk.
The study found:
- 96 per cent of surveyed SOC analysts worry about missing a relevant security event because it’s buried under a flood of alerts. Yet, the vast majority deem their tools effective overall.
- 40 per cent believe alert overload is the norm because vendors are afraid of not flagging an event that could turn out to be important.
- 43 per cent claim that security tools are purchased as a box-ticking exercise to meet compliance requirements, and 54 per cent wish IT team members consulted them before investing in new products.