Firms deluged by threat alerts
Research says nearly a third of security professionals cannot deal with the amount of data generated by firewall, anti-virus and intrusion detection systems
IT managers are finding it difficult to respond to security threats because they are bombarded with alerts, says research published this week.
Nearly one third of IT security professionals cannot deal with the amount of data generated by firewall, anti-virus and intrusion detection systems, according to the study by research firm Vanson Bourne on behalf of IBM subsidiary Micromuse.
Some 45 per cent of the 700 European IT managers questioned receive more than 4,000 security alerts per second, making it difficult to prioritise the potential threats. And 15 per cent receive more than 6,000 alerts every second.
One in 10 IT departments says it spends more than three days a week analysing security log data, according to the research. ‘Staff are drowning in IT security data,’ said Kelly Schupp, director of security market solutions at Micromuse.
‘IT networks are the backbone of most businesses these days and as a result the amount of security activity from firewall, anti-virus and intrusion systems is increasing dramatically,’ she said.
Retailers and public sector bodies are finding it most difficult to identify and prioritise security threats, and financial service firms receive the most alerts.
The problem is further exacerbated by 69 per cent of firms relying on IT managers to sift through security event logs manually for suspicious behaviour.
Clive Longbottom, service director at analyst Quocirca, says firms must improve the way they tackle alerts and use configuration management databases or intelligent filtering systems to sift through data and alert IT directors to the real threats.
‘There is a lot of data that needs processing,’ said Longbottom. ‘If you switch these detectors off you could miss serious problems, so you need some way of structuring data and intelligently filtering it.’