Security alerts are incredibly important for quickly detecting cyber-attacks, but today’s security defense products can generate thousands of alerts on any given day, leaving security analysts unsure which alerts to respond to and at risk of missing the most important ones.
A study by the Ponemon Institute found that the average organization in the study received 16,937 alerts a week and 26-50% of security alerts are false positives.
Triaging and investigating security alerts is a challenging task. 53.1% of security analysts’ time is spent on triage and investigation. Yet it is still very hard to determine which alerts are true positives and which are false positives. The nature of alerts is constantly changing, and often there are inconsistent processes and no clear guidance on how to handle them.
Based on a security analyst salary of $100,000 a year, an average TTR of 15 minutes and 100 alerts per day, you would be spending $476K on security alert triage.
If breached, it will cost
Not to mention that ransomware attackers are demanding more in ransom. The most recent ransomware attack demanded $70M to return mission-critical information to the company.
When alerts are detected, time is of the essence to determine whether they are real and, if so, to respond quickly to mitigate risk and minimize financial loss to your company. Business continuity and uptime are critical for every organization, and any disruption can not only cause financial loss but also negatively impact customer satisfaction and a company’s brand.
There is no silver bullet for this problem. Security analysts will need to continuously optimize the process, automating as much as possible. The automation journey takes time. AI, as a key element of this process, will guide you on that journey.
So what can DTonomy’s AI do to help you better manage security alerts?
We are pleased to announce that DTonomy is now part of Stellar Cyber. The integrated solution will enhance cyber threat detection and response automation!