Security teams are turning off alerts due to overload

Stressed worker
(Image credit: Shutterstock)

Alert overload is stressing cybersecurity workers to the point where it starts to affect both their performance as well as personal lives, a report from Trend Micro claims.

The cybersecurity firm polled 2,303 IT security and SOC decision-makers and found that 70% are utterly stressed with IT threat alerts. While at work, some are feeling overwhelmed by the sheer number of pings, and others are losing confidence in their ability to properly prioritize and respond to them. As a result, many are wasting more than a quarter (27%) of their time dealing with false positives. 

Some just straight-up turn off alerts, which is a security liability in itself, while others will step away from their workstations or ignore the alerts completely, hoping someone else will come and solve the problem for them.

Outside work, many say they can’t switch off or relax, often feeling irritable with friends and family. 

"We're used to cybersecurity being described in terms of people, process and technology”, said Dr. Victoria Baines, Cybersecurity Researcher and Author. ”All too often, though, people are portrayed as a vulnerability rather than an asset, and technical defenses are prioritized over human resilience. It's high time we renewed our investment in our human security assets. That means looking after our colleagues and teams, and ensuring they have tools that allow them to focus on what humans do best."

Sophisticated threat detection needed

IT security is often drowning in pings and alerts from various tools that were supposed to help, and not aggravate the situation. However, that doesn’t mean that cybercrime and misconfigurations that may result in data breaches or leaks, aren’t a major problem.

Almost three-quarters (74%) of respondents are already dealing with a breach, or expect to do so within 12 months from now, the report further found, also claiming that the estimated average cost per breach circles around $235,000. That being said, the consequences of a burnt-out, overworked team that is forced to turn off, or ignore, security alerts could be “disastrous”, Trend Micro warns.

“To avoid losing their best people to burnout,” Bharat Mistry, technical director for Trend Micro says,  “organizations must look to more sophisticated threat detection and response platforms that can intelligently correlate and prioritize alerts. This will not only improve overall protection but also enhance analyst productivity and job satisfaction levels.”

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.