New Ponemon Report Reveals High Cost of Dealing with ‘False Positive’ Cyber Security Alerts

A new report from the Ponemon Institute reveals that enterprises spend $1.3 million a year dealing with false positive cyber security alerts, which equals nearly 21,000 hours in wasted time.

The Cost of Malware Containment report, commissioned by Damballa, a leader in automated breach detection, surveyed more than 600 US IT and IT security practitioners with the aim of understanding the true cost of dealing with today’s volume of malware threats.

Free eBook: Modern Retail Security Risk – Get your copy now.

In a typical week, organizations receive an average of nearly 17,000 malware alerts; only 19% are deemed reliable – or worthy of action. Security teams are unnecessarily consumed by activity that pose no threat to their data security, which can distract them from dealing with threats that can lead to compromise. Compounding the problem, respondents believe their prevention tools miss 40% of malware infections in a typical week. The longer malware goes undetected, the greater the risk of a breach.

Additional key findings from the report: 

· Severity of Malware Infections has increased: 60% of respondents report that the severity of malware infections has significantly increased (16%) or increased (44%) in the past year.

· ‘Ad hoc’ response to malware containment: Despite this growth, when asked about their approach to malware containment, 33% of organizations revealed that they have an unstructured or “ad hoc” approach to the process. In terms of responsibility, 40% of respondents say there is no one person or function accountable for the containment of malware.

· Lack of automated response: Only 41% of respondents say their organization has automated tools that capture intelligence and evaluate the true threat caused by malware.

Brian Foster, CTO of Damballa, noted, “These findings confirm not only the sheer scale of the challenge for IT security teams in sifting out the real threats from tens of thousands of false alarms but also the huge financial impact in terms of time. The severity and frequency of attacks is growing, which means that teams need a way to focus on responding to true positive infections if they are to get a firmer grip on their security posture.”

Foster continued, “It’s more important than ever for teams to be armed with the right intelligence to detect active infections to reduce their organization’s risk exposure and make the best use of their highly-skilled, limited security resources.”

Webinar on The Cost of Malware Containment

Dr. Larry Ponemon of The Ponemon Institute will join Foster to discuss findings of the latest research report in a webinar tomorrow, Tuesday, January 20th at 10am PT/1pm ET. The duo will discuss

· What are enterprises doing today to detect and contain threats?
· How does false positive alert-chasing impact the enterprise?
· How do we begin to solve the problem with high-fidelity detection?
· What can be done to automate response?

To register, visit: https://www.damballa.com/ponemon-survey-cost-malware-containment-2015/ .

To download the full report, visit: https://www.damballa.com/ponemon-institute-survey-the-cost-of-malware-containment

About Damballa

damballa_logoAs a leader in automated breach defense, Damballa delivers advanced threat protection and containment for active threats that bypass all security prevention layers. Born for breach defense, Damballa rapidly discovers infections with certainty, pinpointing the compromised devices that represent the highest risk to a business, and enabling prioritized response and refocusing of security experts to the areas of greatest risk to an enterprise. Our patented solutions leverage Big Data from one-third of the worlds Internet traffic, combined with machine learning, to automatically discover and terminate criminal activity, stop data theft, minimize business disruption, and reduce the time to response and remediation. Damballa protects any device or OS including PCs, Macs, Unix, iOS, Android, and embedded systems. Damballa protects more than 400 million endpoints globally at enterprises in every major market and for the world’s largest ISP and telecommunications providers. For more information, visit www.damballa.com, or follow us on Twitter @DamballaInc.

Subscribe
Notify of
guest
0 Expert Comments
Inline Feedbacks
View all comments
Information Security Buzz
0
Would love your thoughts, please comment.x
()
x