FireEye Report Finds 35% of Large Enterprises Require at Least Three Full-Time Positions for Security Alert Management
Independent Global Survey by IDC Highlights Resource and Time Constraints That Prevent Organizations From Responding to Alerts in Minutes
MILPITAS, CA – January 22, 2015 – FireEye, Inc. (NASDAQ: FEYE), the leader in stopping today’s advanced cyber attacks, today released the report “The Numbers Game: How Many Alerts is too Many to Handle?” Drawing from a survey of over 500 large enterprises in North America, Latin America, Europe, and Asia conducted by IDC, the report sheds light on just how difficult it is for organizations to manage and act on security alerts in a timely and effective manner.
“The best security solutions in the world fail when the alerts they generate and the people who should handle them are unable to act quickly on them,” said David Bianco, manager, product detection engineering at FireEye. “As seen in some of the most high-profile breaches of the last two years, missing or slowly responding to even just one alert leaves a massive opportunity for cybercriminals and threat actors to do all the damage they need. And with so many solutions producing alerts in an enterprise, it is more important than ever to know which ones produce real alerts and establish stronger processes around response.”
“The Numbers Game” surveyed director-level and higher IT security practitioners from 13 countries: the United States, Brazil, Mexico, Colombia, the United Kingdom, France, Germany, Australia, South Korea, India, China, Singapore, and Japan. Participants were asked questions relating to their security consoles, vendor distribution, operational outsourcing, and budgets in order to gain an accurate understanding of their alert management practices.
Key findings from “The Numbers Game” include:
Lower Budget Allocations for Alert Management
When asked about IT security spending distribution, over 70 percent of respondents said that less than half of their budgets went towards security management, leaving room for more technology purchases that tend to increase alerts.
Alert Volume May be Masking Quality Problems
Nearly 50 percent of respondents allocate time to reviewing their security product configurations on a monthly basis in order to reduce alerts, but nearly 80 percent felt the quality of their alerts was excellent or almost excellent, indicating a gap in how alert quality is perceived.
Response Times Lag for “Low” and “Moderate” Alerts
Over 60 percent of respondents stated that response time for “moderate” security alerts was between six and 12 hours and over 60 percent said that response time for “low” alerts was between 13 hours and more than one day, leaving ample time for attackers to inflict damage.
Third-Parties Manage Alerts More Effectively But Most Organizations Don’t Use Them
Over three-fourths of respondents felt that outsourcing security management improved their security postures; however, 56 percent of them indicated they currently conduct these operations in-house despite the benefits.
To view a full version of the report, please visit: “The Numbers Game: How Many Alerts is too Many to Handle?”
About FireEye, Inc.
FireEye has invented a purpose-built, virtual machine-based security platform that provides real-time threat protection to enterprises and governments worldwide against the next generation of cyber attacks. These highly sophisticated cyber attacks easily circumvent traditional signature-based defenses, such as next-generation firewalls, IPS, anti-virus, and gateways. The FireEye Threat Prevention Platform provides real-time, dynamic threat protection without the use of signatures to protect an organization across the primary threat vectors and across the different stages of an attack life cycle. The core of the FireEye platform is a virtual execution engine, complemented by dynamic threat intelligence, to identify and block cyber attacks in real time. FireEye has over 2,700 customers across 67 countries, including over 157 of the Fortune 500.
© 2015 FireEye, Inc. All rights reserved. FireEye is a registered trademark or trademark of FireEye, Inc. in the United States and other countries.
Vitor De Souza