AI Emerges as a Solution to Cybersecurity Alert Fatigue, Study Finds

Cybersecurity professionals are turning to AI as more lose control of detection tools

More than half of security practitioners believe vendors are flooding them with ineffective alerts to avoid accountability should a breach hit. Cybersecurity professionals are losing trust and control of their current detection tools as the volume of attacks continues to climb, with some looking to artificial intelligence (AI) for possible solutions. Some 60% of security operations center (SOC) practitioners believe market players are flooding them with "pointless alerts" to skirt responsibility should a breach occur, according to a study released Friday by cybersecurity vendor Vectra AI. Also: AI can now solve reCAPTCHA tests as accurately as you can Another 47% expressed a lack of trust that their tools are effective, according to a survey that polled 2,000 security professionals worldwide. Overwhelmed by the deluge of security alerts, 71% are concerned about missing an actual attack while 51% say they cannot keep up with the growing number of security threats. As it is, 52% say their security tools actually add to their workload rather than reduce it. Across the board, 73% of respondents have implemented at least 10 security tools, while 45% have more than 20 tools in place. Also: AI is changing cybersecurity and businesses must wake up to the threat The study further highlighted that 60% of respondents believe vendors are pushing for tools that generate too many alerts to skirt accountability should a breach occur. In addition, 71% say market players should assume more responsibility for failing to stop a breach. Some 81% of SOC practitioners estimate they spend more than two hours a day sieving through and triaging security events. Also: You don't need to pay for antivirus software - here's why About half describe their security tools as a hindrance rather than an aid in identifying actual cyberattacks, highlighting that they can only handle 38% of alerts they encounter, despite only 16% being classified as "real attacks." To cope, some are turning to AI. Some 89% will use more AI-powered tools over the next year to replace legacy threat detection and response applications. Also: A third of all generative AI projects will be abandoned, says Gartner Another 85% noted that their investment in AI and AI deployment had increased in the past year, with 67% describing the technology's impact on their ability to identify and manage threats as positive. AI not only helped cut workload for 75% of respondents in the past year, it also reduced feelings of burnout for 73%, according to the study. Also: The 4 biggest challenges of AI-generated code that Gartner left out of its latest report "It's clear [security practitioners] are becoming increasingly frustrated with their current threat detection tools which, due to a lack of integrated attack signal, often create additional work rather than streamline the process," said Mark Wojtasiak, Vectra AI's vice president of research and strategy. "The data suggests that the tools being used for threat detection and response, along with the vendors who sell them, aren't holding up their end of the deal." While SOC teams believe AI delivers an attack signal that will help them prioritize threats and reduce alert fatigue, trust needs to be rebuilt, Wojtasiak said. "Vendors will need to show how they add value beyond just the technologies they sell," he said. Also: The best AI for coding in 2024 (and what not to use) "As the market saturates with tools claiming 'AI' capabilities, practitioners need to identify which solutions truly cut through the noise and add real value," added Sharat Nautiyal, Vectra AI's Asia-Pacific Japan director of security engineering.

Security pros are missing attacks due to an overload of pointless alerts

Security teams overwhelmed with notifications from vendors It probably isn't much of a surprise that workers are overwhelmed with notifications and emails on a daily basis, but new research has suggested this is actually having a detrimental effect on day-to-day cybersecurity operations. A Vectra AI survey has shown that 71% of security practitioners worry that they will miss a real attack buried in a flood of inconsequential alerts, as vendors scramble to cover all bases in an ever evolving threat landscape. In some cases, threat detection tools are causing more problems than they solve, as 47% don't trust their tools to work the way they need them to, and the majority (54%) say their workload has actually increased instead. A staggering 81% of security pros spend over 2 hours per day trawling through and triaging security events, reporting that only 16% of the alerts they receive are 'real attacks'. Things are improving though, with teams are more confident in their defenses than they were a year ago. The introduction of AI is helping, with 73% saying their workload and burnout have reduced thanks to AI. Since AI is playing a bigger role in cyberattacks, many security pros are adopting it as part of their response. "Teams believe AI delivers an attack signal that will help them identify and prioritize threats, accelerate response times, and reduce alert fatigue, however, trust needs to be rebuilt. AI-powered offerings are proving to have a positive impact, but to truly reestablish trust, vendors will need to show how they add value beyond just the technologies they sell," said Mark Wojtasiak, vice president of research and strategy at Vectra AI. The trust has certainly been broken between practitioners and vendors, so the introduction of AI tools may take some convincing, but almost all (89%) plan to use more AI tools to replace legacy threat detection and response.