New Ponemon Report Reveals High Cost of Dealing with ‘False Positive’ Cyber Security Alerts
New Ponemon Report Reveals High Cost of Dealing with ‘False Positive’ Cyber Security Alerts Jan 2015
Ponemon & Damballa to Host Webinar on ‘The Cost of Malware Containment’
Atlanta, GA – January 16, 2015 – A new report from the Ponemon Institute reveals that enterprises spend $1.3 million a year dealing with false positive cyber security alerts, which equals nearly 21,000 hours in wasted time.
The Cost of Malware Containment report, commissioned by Damballa, a leader in automated breach detection, surveyed more than 600 US IT and IT security practitioners with the aim of understanding the true cost of dealing with today’s volume of malware threats.
In a typical week, organizations receive an average of nearly 17,000 malware alerts; only 19% are deemed reliable – or worthy of action. Security teams are unnecessarily consumed by activity that pose no threat to their data security, which can distract them from dealing with threats that can lead to compromise. Compounding the problem, respondents believe their prevention tools miss 40% of malware infections in a typical week. The longer malware goes undetected, the greater the risk of a breach.
Additional key findings from the report:
Severity of Malware Infections has increased: 60% of respondents report that the severity of malware infections has significantly increased (16 %) or increased (44%) in the past year.
‘Ad hoc’ response to malware containment: Despite this growth, when asked about their approach to malware containment, 33% of organizations revealed that they have an unstructured or “ad hoc” approach to the process. In terms of responsibility, 40% of respondents say there is no one person or function accountable for the containment of malware.
Lack of automated response: Only 41% of respondents say their organization has automated tools that capture intelligence and evaluate the true threat caused by malware.
Brian Foster, CTO of Damballa, noted, “These findings confirm not only the sheer scale of the challenge for IT security teams in sifting out the real threats from tens of thousands of false alarms, but also the huge financial impact in terms of time. The severity and frequency of attacks is growing, which means that teams need a way to focus on responding to true positive infections if they are to get a firmer grip on their security posture.”
Foster continued, “It’s more important than ever for teams to be armed with the right intelligence to detect active infections to reduce their organization’s risk exposure and make the best use of their highly-skilled, limited security resources.”
Webinar on The Cost of Malware Containment
Dr. Larry Ponemon of The Ponemon Institute will join Foster to discuss findings of the latest research report in a webinar on Tuesday, January 20th at 10am PT/1pm ET. The duo will discuss
What are enterprises doing today to detect and contain threats?
How does false positive alert-chasing impact the enterprise?
How do we begin to solve the problem with high-fidelity detection?
What can be done to automate response?
To register, visit: https://www.damballa.com/ponemon-survey-cost-malware-containment-2015/ .
To download the full report, visit: https://www.damballa.com/ponemon-institute-survey-the-cost-of-malware-co...