- Google Cloud survey finds even cybersecurity experts are overwhelmed by too many threat notifications
- The security field is suffering from a skills shortage, putting firms at risk
- Perhaps unsurprisingly, researchers say the answer is AI
Security professionals have long reported high levels of stress and burnout, compounded by a skills shortage in the industry. New research claims the sheer volume of threats, as well as the data those threats produce, is putting firms at risk.
Research from Google Cloud found that threat notifications aren’t the helpful tool they could be and can in fact overwhelm security teams: nearly two-thirds (61%) of security practitioners say there are ‘too many threat intelligence data feeds’, and 60% believe there are too few threat analysts to sift through the data efficiently.
“Rather than aiding efficiency, myriad [threat intelligence] feeds inundate security teams with data, making it hard to extract useful insights or prioritize and respond to threats. Security teams need visibility into relevant threats, AI-powered correlation at scale, and skilled defenders to use actionable insights, enabling a shift from a reactive to a proactive security posture,” the study argued.
Needles in a haystack
Too much data leaves analysts stuck in ‘reactive mode’: 86% of respondents say their organisation has gaps in its understanding of the threat landscape, 85% say more focus could be put on emerging threats, and 72% are mostly reactive to threats and unable to get ahead of trends.
Adjacent research from SentinelOne shows that a large proportion of cloud security alerts are false positives (not relevant to the organisation). The majority of respondents (53%) say that over half of the alerts they receive are false positives, underlining just how real ‘alert fatigue’ is.
This makes securing cloud environments difficult, say 92% of respondents: too many point solutions lead to management and integration issues, which create more alerts and lower-quality alerts, and the resulting confusion slows reactions to attacks.
Perhaps unsurprisingly, both sets of research have one suggestion to solve this issue - and it’s not investing in better training and support to address the skills shortage. Instead, you guessed it, it’s AI.
AI can help ease the pressure by improving an organisation’s ability to operationalise threat intelligence, generating ‘easy-to-read summaries’ and recommending next steps to ‘uplevel junior analysts’, Google's research says.
"We believe the key is to embed threat intelligence directly into security workflows and tools, so it can be accessed and analyzed quickly and effectively," noted Jayce Nichols, Google Cloud Director, Intelligence Solutions.
"AI has a vital role in this integration, helping to synthesize the raw data, manage repetitive tasks, and reduce toil to free human analysts to focus their efforts on critical decision-making."