edgescan, a leading provider of fullstack vulnerability management, has discovered that more than 60% of security professionals estimate their security function spends over three hours per day validating false positives.
The recent survey of IT security experts also revealed that nearly 30% of respondents are in fact spending more than six hours per day on that task.
The majority of respondents indicated validating false positives as the part of their job they enjoyed the least (30%) and admitted that the time spent on that task is disproportionate and should be reduced.
Furthermore, 44% of respondents also recalled leaving an important life event to deal with a security alert which – when verified – was determined to be a false positive.
This seems to be at the expense of visibility – as many as 64% of respondents admitted that their organisation does not have a complete picture of all its web applications and endpoints.
“Cybersecurity is about protecting a company’s digital assets in an efficient and cost-effective manner,” says Eoin Keary, CEO and co-founder of edgescan.
“With IT security functions typically understaffed – and with this, many organisations acknowledging that they lack visibility on their endpoints and web applications – having cybersecurity professionals work on mundane tasks such as validating false positives for such amounts of time everyday isn’t optimal. Rather, it can be a counterproductive choice.”
He added: “Since it’s impossible to protect what we didn’t know was there, the problem of visibility needs to be addressed as a priority, either by increasing the accuracy of automation tools, or by outsourcing certain tasks to a specialised SOC.
“This would free up the security staff’s time to perform other functions, such as threat intelligence and analysis, rather than have them validating false positives, and would also allow them to place more focus on asset discovery and securing vulnerable endpoints.”