EMA Research: Security Analytics Reduce False Alerts
A new Enterprise Management Associates (EMA) Research study of more than 200 IT and security professionals showed the majority of respondents reported security analytics helped reduce false alerts.
The study, titled “The Evolution of Data Driven Security,” revealed that organizations that use security and threat analytics are nearly twice as confident of detecting security issues as those that do not leverage these tools.
“Protecting organizations from security threats has grown in complexity and effort. Whether it is measured by the rising number of threats, the unending number of alerts, or the high percentage of false positives, security teams are struggling,” David Monahan, research director for EMA Research, said in a prepared statement.
Other study findings included:
90 percent of organizations that use security and threat analytics have seen a decrease in false alerts or an improvement in actionable alerts by security personnel.
Organizations that use security and threat analytics are at least 50 percent more likely to have experienced reduced frequency and duration of security investigations compared to those that do not use analytics.
38 percent of respondents indicated they use security and threat analytics to improve their detection and response times and become more confident in their ability to handle serious security threats.
Researchers also noted the study showed a correlation between establishing comprehensive baselines and responding to incidents based on assets at risk.
How can MSPs handle security challenges?
Digital investigative solutions provider Guidance Software is calling 2014 “the year of the endpoint” based on the study results.
Guidance Software spokesperson Cynthia Siemens told MSPmentor she believes information security today “is now all deep data collection from each endpoint,” and managed service providers (MSPs) need to proactively protect their customers against security threats.
“The best way for MSPs to deal with security challenges going forward is to take a proactive approach to threat-hunting that centers on full visibility of network endpoints containing sensitive data,” she said. “This requires taking regularly updated baselines of ‘normal’ activity for each endpoint and using a system that delivers early intelligence on anomalous behavior against those baselines.”
Alex Andrianopoulos, Guidance Software’s vice president of marketing, added that the use of security and threat analytics could increase as MSPs and IT solution providers learn more about these tools.
“As organizations gain a better understanding of the value of security analytics to recover faster, decrease the number and frequency of investigations and significantly reduce false positives, we expect usage of these tools to increase,” Andrianopoulos said.