73% of security professionals failed to act upon security alerts

A new report by Coro sheds light on the challenges that cybersecurity professionals are facing in regard to their workload. The report surveyed 500 cybersecurity decision-makers in the United States, all of whom worked for companies with 200 to 2000 employees. The survey focused on small and medium-sized enterprises (SMEs), finding that many lacked the resources and abilities to properly handle the large volume security alerts received. 

In fact, 73% of security professionals in SMEs reported that they either missed, ignored or failed to act upon high priority security alerts. Two main reasons given for this were a lack of staff and time constraints. In terms of time constrains, 52% of those surveyed reported the task consuming most of their time was monitoring security platforms. This task is followed by vulnerability patching. 

Key findings from the report include: 

  • Professionals surveyed report that managing the organization’s cybersecurity tools takes an average of 4 hours 43 minutes each day. These organizations average 11.55 tools to be used in “security toolboxes.” 
  • It takes an estimated 4.223 months for new cybersecurity tools to become fully operational. This is because it requires installation, configuration, integration, staff training and more to become operational. 
  • Within the next 12 months, 85% of professionals surveyed say they are seeking to consolidate their tools.

https://www.securitymagazine.com/articles/100610-73-of-security-professionals-failed-to-act-upon-security-alerts