False positives costly to businesses
Posted by: Timothy Weaver on 01/20/2015 05:11 AM
[
Comments
]
A new survey commissioned by breach detection specialist Damballa reveals that false positive malware alerts have a significant cost for businesses.
Ponemon Institute produced a study that showed that enterprises spend $1.3 million a year dealing with false positive cyber security alerts, which equals nearly 21,000 hours in wasted time.
A typical week shows that companies have an average of 17,000 malware alerts, yet only 19 percent are deemed reliable -- or worthy of action. These organizations feel that 40% of the malware alerts are a result of their AV software missing them.
Brian Foster, CTO of Damballa, says: "These findings confirm not only the sheer scale of the challenge for IT security teams in sifting out the real threats from tens of thousands of false alarms, but also the huge financial impact in terms of time. The severity and frequency of attacks is growing, which means that teams need a way to focus on responding to true positive infections if they are to get a firmer grip on their security posture. It's more important than ever for teams to be armed with the right intelligence to detect active infections to reduce their organization's risk exposure and make the best use of their highly-skilled, limited security resources".
The full report is available on the Damballa website.
Ponemon Institute produced a study that showed that enterprises spend $1.3 million a year dealing with false positive cyber security alerts, which equals nearly 21,000 hours in wasted time.
A typical week shows that companies have an average of 17,000 malware alerts, yet only 19 percent are deemed reliable -- or worthy of action. These organizations feel that 40% of the malware alerts are a result of their AV software missing them.
Brian Foster, CTO of Damballa, says: "These findings confirm not only the sheer scale of the challenge for IT security teams in sifting out the real threats from tens of thousands of false alarms, but also the huge financial impact in terms of time. The severity and frequency of attacks is growing, which means that teams need a way to focus on responding to true positive infections if they are to get a firmer grip on their security posture. It's more important than ever for teams to be armed with the right intelligence to detect active infections to reduce their organization's risk exposure and make the best use of their highly-skilled, limited security resources".
The full report is available on the Damballa website.
Comments
