25 Percent of InfoSec Professionals’ Time Wasted on False Positives

Today, SIEM provider Exabeam and the Ponemon Institute announced the results of their joint research report: “Exabeam SIEM Productivity Study.” Shockingly, they discovered cybersecurity professionals spend 25% of their time chasing false positives. Additionally, Exabeam and Ponemon found that cybersecurity teams must address around 4,000 security alerts a week.

Meanwhile, in “The Exabeam 2019 State of the SOC Report,” 46% of less effective SOCs complain of slight understaffing. On average, understaffed SOCs need anywhere between six and ten employees.

The connection between the time wasted investigating false positives and understaffed security operations centers becomes obvious. However, recognizing the problem only constitutes half the equation. How can your enterprise effectively bridge the gap of the cybersecurity staffing crisis?

How SIEM Can Mitigate False Positives

Unfortunately, SIEM has a reputation for generating more false positives than it prevents. Yet as next-generation SIEM solutions become more prevalent, this perception is slowly shifting.

In fact, next-generation SIEM can help your IT security team recognize and ameliorate false positives faster than ever before. With contextualization, your IT security team can observe the alert’s principal actors and behaviors before the full investigation. Thus, your team can determine whether the alert actually highlighted a normal event by accident and save precious time. 

Additionally, next-generation SIEM can provide your team with automated threat detection and investigation. This saves your team time as well, even as it depends on human intelligence to function optimally. Instead of looking to replace your human intelligence, you should look to your SIEM to supplement your human expertise.

You can download the full “The Exabeam 2019 State of the SOC Report” here. Also, you can read more about the “Exabeam SIEM Productivity Study” here. Finally, to learn more about how next-generation SIEM can prevent false positives, check out the 2019 SIEM Buyer’s Guide! We dive into the top vendors and their key capabilities.

Ben Canner

Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.