Alert Handling Disparity: Cybersecurity Executives and Frontline Roles at Odds

By Greg Tavarez

Organizations are grappling with more security alerts that pose significant challenges to their cybersecurity posture.

Think about it. With the rapid advancement of technology and the proliferation of interconnected devices, cyber threats have become more sophisticated and diverse, making it harder for traditional security measures to keep up.

Security teams find themselves inundated with a deluge of alerts, making it difficult to distinguish genuine threats from false positives and to prioritize them. The sheer volume of alerts is cause for concern too, as it can lead to alert fatigue, causing potentially critical incidents to go unnoticed or receive delayed responses and leaving the organization vulnerable to breaches and data leaks.

To better understand these challenges and how organizations are prepared to address them, Swimlane recently partnered with Dimensional Research, an independent research firm, to survey security professionals and executives from around the world.

The findings of the report were appalling.

Despite the growing emphasis on cybersecurity in C-suite and boardroom discussions, a striking contrast has arisen between the perceptions of executives and the realities faced by security teams on the ground. 70% of executives hold the belief that their security team adequately handles all security alerts, whereas 36% of the front-line roles responsible for managing alerts share this optimistic view. In truth, the actual figure of organizations effectively addressing every single alert stands at a modest 58%.

And while the use of automation is increasing in popularity to overcome these challenges, a notable disconnect also exists in understanding the security team's skill set and available resources to adopt heavy-scripting automation tools. According to the report, 87% of executives believe their security team possesses what it takes for successful adoption. In comparison, only 52% of front-line roles state they have enough experience to properly use this type of technology.

These disparities in perception highlight the need for better communication and understanding between top-level management and security teams. They also emphasize the importance of accurate data and reporting to ensure executives have a clear and realistic picture of the organization's cybersecurity capabilities.

By acknowledging and bridging this gap, organizations can strengthen their cybersecurity posture and create a more cohesive approach to handling security incidents. Executives must foster an environment that promotes open dialogue, trust and cooperation between different levels of the organization to effectively mitigate cyber threats and protect sensitive information.

But, of course, that is easier said than done. A big hurdle in bridging that gap is the staff shortage. According to the survey, 70% of companies are taking longer to fill cybersecurity roles compared to two years ago. A majority of organizations report that it takes three months or more to fill such roles, and 34% state it takes seven months or longer. As a consequence, one-third of organizations fear they may never have a fully-staffed security team with the necessary skills.

Along with the staff shortages, the report revealed concerning levels of employee turnover and burnout within cybersecurity teams, posing a substantial risk to businesses. Nearly all respondents reported experiencing business issues resulting from security team turnover, including slower threat identification, response and remediation, as well as difficulties in addressing security alerts effectively.

These challenges threaten the operational stability and resilience of organizations in the face of an evolving cybersecurity landscape.

“Organizations across industries and around the globe are struggling to hire and keep qualified cybersecurity professionals who can effectively manage today's threat landscape,” said James Brear, CEO of Swimlane. “This, in addition to a rapidly evolving regulatory landscape and complex new threats brought on by generative AI, highlights the need for organizations to scale their defenses before it's too late.”

Swimlane is helping these organizations and others in similar situations with its Automation Readiness & Maturity of Orchestrated Resources, or ARMOR, Framework. This standard for security automation maturity helps organizations of all sizes and industries understand, implement and mature security automation for better outcomes.

The online survey is free to any organization and requires approximately 10 minutes to complete. Upon submission, a security automation consultant will schedule a complimentary review of a tailored report detailing the organization's current security automation maturity and recommendations for up-leveling its strategies to align with industry best practices.

Edited by Alex Passett

MSPToday Editor
