Page 24 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
Alert Fatigue Puts Your Organization at Risk; Here’s What to Do About It
By Derek Nugent, Vice President Sales, Marketing & Customer Success at Difenda
Alerts, notifications, and non-stop calls from shady telemarketers pitching extended warranties – we all get more alerts each day than we can manage. For security professionals, the flood of alerts is even worse, much worse, extending to the essential tools they need to do their jobs.
The negative impacts of this deluge of alerts are felt anytime an overworked security professional suffering from “alert fatigue” neglects to block an attacker or detect malware because the signals were ignored or simply lost amidst the noise.
What Causes Alert Fatigue?
There are five main drivers of alert fatigue:
• Security Technology Creep
• Explosion of Automated Attacks
• Ineffective Configuration and Use of Tools
• Global Threat Landscape Events
• Limited Resources to Devote to the Problem
Each new layer of security that businesses add to address evolving security risks generates its own
stream of notifications, alerts, and alarms. Some are actionable, many are not. Antivirus, IPS software,
and firewalls, to name only a few layers, all generate alerts that tend to be poorly correlated.
Due to the unbalanced nature of security defense vs. cyber-attackers on offense, security solutions tend
to be overly sensitive by design, which makes alert fatigue inevitable. After all, attackers need only be