- Google Cloud survey finds that even cybersecurity experts are overwhelmed by too many threat notifications
- The security field suffers from a skills shortage, putting companies at risk
- Perhaps as expected, researchers say the answer is AI
Security professionals have long reported high levels of stress and exhaustion, which is only aggravated by an industry skills shortage, and new research states that the large volume of threats, as well as the data those threats produce, is putting companies at risk.
Google Cloud research found that threat notifications are not the useful tool they could be, and in fact they can overwhelm security teams: almost two thirds (61%) of security professionals say they think there are “too many threat intelligence data feeds”, and 60% believe there are too few threat analysts to assess the data efficiently.
“Instead of helping efficiency, innumerable [threat intelligence] feeds flood security teams with data, which makes it difficult to extract useful information or prioritize and respond to threats. Security teams need visibility of relevant threats, correlation at scale and qualified defenders to use actionable insights, allowing a shift from a reactive security posture to a proactive one,” the study argued.
Needles in a haystack
Too much data leaves analysts trapped in ‘reactive mode’: 86% of respondents say that their organization has gaps in its understanding of the threat landscape, 85% say they could put more focus on emerging threats, and 72% are mostly reactive to threats, unable to get ahead of trends.
Related research from SentinelOne shows that a large proportion of cloud security alerts are false positives (not relevant to the organization). The majority of respondents (53%) say that more than half of the alerts they receive are false positives, which shows how real ‘alert fatigue’ is.
This makes it difficult to secure cloud environments for 92% of respondents, with too many point solutions leading to management and integration problems, creating more alerts, lower-quality alerts and, therefore, slower reactions to attacks thanks to confusion.
Perhaps as expected, both sets of research have a suggestion for solving this problem, and it is not investing in better training and support to address the skills shortage. Instead, you guessed it, it is AI.
AI can help relieve pressure by improving an organization's ability to operationalize threat intelligence, generate ‘easy-to-read summaries’ and recommend next steps to ‘junior-level analysts’, says Google’s research.
“We believe that the key is to integrate threat intelligence directly into workflows and security tools, so it can be accessed and analyzed quickly and effectively,” said Jayce Nichols, Google Cloud director, intelligence solutions.
“AI has a vital role in this integration, helping to synthesize unprocessed data, manage repetitive tasks and reduce work to free human analysts to focus their efforts on making critical decisions.”