Page 26 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022

As we start to emerge from the pandemic, security infrastructure isn't getting any simpler and alert volumes aren't getting any easier to manage.

According to a recent survey of nearly 400 security operations professionals (commissioned by Siemplify), 42% report that their alert volumes are higher now than before the pandemic, while 51% say investigating suspicious activities has become a much bigger challenge in remote and hybrid environments.

Unfortunately, a number of factors threaten to add to the problem of alert fatigue in the near term. These include, but are not limited to, the normalization of remote and mobile workforces, the rise of state-sponsored malware and hacks related to Russia's invasion of Ukraine, and easy access to and automation of sophisticated hacking tools. At the same time, entire classes of threats are on the rise, including critical infrastructure attacks, ransomware, cloud storage leaks, and business email compromise (BEC) attacks.

Thus, the volume of alerts will continue to rise, and so too will the probability that your security team will eventually miss something critical, leading to a hack, a costly data breach, or some other negative outcome.

Unfortunately, another thing on the rise in parallel with alert overload is the cost of those negative outcomes. For instance, IBM and the Ponemon Institute's annual "Cost of a Data Breach Report" found that the cost of an average data breach rose from $3.86 million in 2020 to $4.24 million in 2021, the highest average total cost in the 17-year history of the report.



How Microsoft Tackles Alert Fatigue

One shortcut to reducing alert fatigue is vendor consolidation. For instance, for those organizations already dependent on Microsoft productivity tools and Azure Cloud, it makes sense to consolidate on that platform.

Soon after investing heavily in its Azure cloud platform, Microsoft also saw the need to tightly integrate security into its cloud stack rather than layering it on afterwards. Thus, in recent years, Microsoft has invested $1 billion in security development, and that investment has already earned recognition from top-tier industry analysts. For instance, research firm Gartner lists Microsoft as a "leader" in a number of its Magic Quadrant reports, including endpoint protection, access management, CASB, and more.

Microsoft has also mapped out a strategy to avoid alert fatigue, a strategy that can help your organization regain control over alert flows.

Microsoft recommends adopting technologies such as Artificial Intelligence (AI) and Machine Learning (ML) to help find the signal in the alert noise. Organizations should automate as many error-prone, repetitive tasks as possible in their SOCs, maintain up-to-date watch lists to prioritize activity from known bad actors, and adopt cloud-native solutions for better integration.
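As an added illustration of the watch-list and automation advice above (example code written for this edit, not code from the article or from Microsoft; the indicators, actor names, hosts and alert records are constructed samples), the following Python prioritizes a batch of SOC alerts: it collapses repeated alerts for the same rule, host and indicator into one queue entry, and bumps anything that matches a watch-listed indicator to the top regardless of the rule's own severity.

```python
"""Watch-list driven alert prioritization and de-duplication (added example)."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

# Constructed watch list: indicator -> the known bad actor it is attributed to.
WATCHLIST: Dict[str, str] = {
    "198.51.100.7": "Actor-A (constructed sample)",
    "evil-updater.example": "Actor-B (constructed sample)",
}

# Base weight taken from the detection rule's own severity label.
SEVERITY_WEIGHT = {"low": 1, "medium": 2, "high": 3, "critical": 4}
WATCHLIST_BONUS = 10  # large enough to outrank any un-listed severity


@dataclass
class Alert:
    alert_id: str
    rule: str       # name of the detection rule that fired
    severity: str   # severity label assigned by the rule
    host: str       # asset the alert concerns
    indicator: str  # IP, domain or other observable carried by the alert


@dataclass
class TriagedAlert:
    rule: str
    host: str
    indicator: str
    severity: str
    score: int
    watchlist_hit: Optional[str]
    count: int = 0
    alert_ids: List[str] = field(default_factory=list)


def score_alert(alert: Alert, watchlist: Dict[str, str] = WATCHLIST) -> Tuple[int, Optional[str]]:
    """Return (priority score, matched actor or None) for one alert."""
    base = SEVERITY_WEIGHT.get(alert.severity.lower(), 0)
    hit = watchlist.get(alert.indicator)
    return base + (WATCHLIST_BONUS if hit else 0), hit


def triage(alerts: List[Alert], watchlist: Dict[str, str] = WATCHLIST) -> List[TriagedAlert]:
    """Collapse duplicate alerts and order the queue by score, then by repeat count."""
    buckets: Dict[Tuple[str, str, str], TriagedAlert] = {}
    for a in alerts:
        key = (a.rule, a.host, a.indicator)
        if key not in buckets:
            score, hit = score_alert(a, watchlist)
            buckets[key] = TriagedAlert(a.rule, a.host, a.indicator, a.severity, score, hit)
        buckets[key].count += 1
        buckets[key].alert_ids.append(a.alert_id)
    return sorted(buckets.values(), key=lambda t: (-t.score, -t.count, t.rule))


def noise_reduction(alerts: List[Alert]) -> Tuple[int, int]:
    """Return (raw alert count, queue entries after de-duplication)."""
    return len(alerts), len(triage(alerts))


# Constructed sample batch: three repeats of a low-value failed-login alert,
# two watch-list matches, and one high-severity alert with no watch-list match.
SAMPLE_ALERTS = [
    Alert("a1", "failed-login", "low", "ws-01", "203.0.113.5"),
    Alert("a2", "failed-login", "low", "ws-01", "203.0.113.5"),
    Alert("a3", "failed-login", "low", "ws-01", "203.0.113.5"),
    Alert("a4", "dns-query", "medium", "ws-02", "evil-updater.example"),
    Alert("a5", "outbound-connection", "high", "srv-01", "198.51.100.7"),
    Alert("a6", "malware-detected", "high", "ws-03", "10.0.0.9"),
]

if __name__ == "__main__":
    for entry in triage(SAMPLE_ALERTS):
        tag = f" [watch list: {entry.watchlist_hit}]" if entry.watchlist_hit else ""
        print(f"{entry.score:>3}  x{entry.count}  {entry.rule:<20} {entry.host:<7} {entry.indicator}{tag}")
    raw, queued = noise_reduction(SAMPLE_ALERTS)
    print(f"{raw} raw alerts -> {queued} queue entries")
```

The design point is that the watch list acts as an override on top of rule severity: a medium-severity DNS alert tied to a known actor outranks a high-severity alert with no attribution, and the three repeated failed logins become one entry carrying all three alert IDs, so the analyst sees the repetition without reading it three times. In practice the watch list would be refreshed from the organization's threat intelligence feed rather than hard-coded.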

For organizations already struggling with limited IT resources, however, there are a few other steps you can follow to mitigate alert fatigue. The seven steps outlined below will help your organization alleviate




