A new piece of research on the security front has pointed out that businesses waste a lot of money dealing with false positive malware alerts.
The Cost of Malware Containment report from the Ponemon Institute (commissioned by Damballa) questioned 550 IT pros and IT security experts across EMEA, and found that companies are dealing with 10,000 malware alerts per week, but only 22 per cent of those are deemed reliable.
Indeed, only a small proportion of those reliable reports are actually considered worthy of further investigation: 3.5 per cent in total.
This adds up to an average of 272 hours per week that security staff spend dealing with false positive malware alerts, which the report claims costs each organisation an average of £515,000 every year in lost productivity.
The report also noted that 57 per cent of those questioned said the severity of malware infections hitting their business had increased (or indeed significantly increased) over the past year, with 47 per cent saying that the volume of infections had increased over the same time period.
Despite this increase in numbers and severity, a quarter of respondents admitted they had an "ad hoc approach to containment", with 38 per cent saying there is no one specific staff member in the company who is accountable for dealing with and containing malware.
Finally, only 37 per cent of those surveyed said that their business has automated tools to capture intelligence and help evaluate the true threat levels malware poses.
Stephen Newman, CTO of Damballa, commented: “These findings are significant as they highlight the real impact of false malware intelligence. Not only are teams devoting valuable time and resources to hunting down the false positives but they’re also in danger of missing the real infections, which could have a devastating impact.”
He further noted: “The severity and frequency of attacks is increasing, so the focus really needs to be on building better intelligence, which means that organisations will have the confidence of knowing exactly where the real threats are. This means that teams can direct their efforts where it is most needed; on finding and quickly remediating the active infections.”