More than a quarter of security alerts are false positives

(Image credit: Sergey Nivens / Shutterstock)

False positive cybersecurity alerts are on the rise, increasing the stress and information overload shouldered by security experts.

This is according to a new report from Neustar, which claims 43 percent of organisations experience false positives in more than a fifth of cases, and some even said half of their security alerts are false positives.

On average, Neustar found a quarter (26 percent) of alerts do not pose a threat. 

According to the report, DDoS attacks are the primary concern of cybersecurity teams, followed by system compromise, ransomware and the theft of intellectual property. Social engineering, meanwhile, is seen as one of the fastest-growing threats, along with DDoS and ransomware.

As cybersecurity grows in importance, businesses are investing substantial sums in network monitoring and threat intelligence technologies. These tools increase the number of alerts and, consequently, the quantity of false positives. In 39 percent of cases, organisations have at least seven tools, and a fifth (21 percent) use more than ten.

For Rodney Joffe, Chairman of the Neustar International Security Council (NISC), IT teams are suffering from data overload, alert fatigue and burnout. 

“To ensure these high-value employees in mission critical roles are well-equipped to separate the signal from the noise, enterprises need a curated approach to security data that provides timely, actionable insights that are hyper relevant to their own organisation and industry,” he said.