Arraya Insights | August 5, 2015
IT teams are struggling to spot legitimate malware threats over the white noise generated by false alarms and it’s costing their employers. How much? In terms of the financial cost, the price tag comes out to $1.27 million annually. Switching gears and looking at the human element, IT teams waste an average of 395 combined team hours each week chasing down false positives. Just for reference, IT teams spend a total of 230 hours per week cleaning and fixing infected devices, work which actually delivers meaningful value to the organization, unlike chasing down false alarms. Those are the findings of a recent malware research project conducted by The Ponemon Institute and commissioned by Damballa.
What’s drumming up that white noise in the first place? Part of the problem stems from the security tools organizations have put in place to combat those malware threats. Solutions which were poorly deployed, set up and/or maintained contributed mightily to the issues uncovered in the study. Another facet of the problem comes from the IT team itself. Researchers theorized organizations lacked the skills, the experience and the staffer bandwidth needed to properly maintain those solutions and to vet and act on possible security threats.
There are also seemingly some accountability issues at play. Roughly 40% of those who participated in the survey confirmed that, at their organizations, no one person or function was chiefly responsible for malware containment.
As if the lost time and resources weren’t bad enough, there’s additional component to this which needs to be considered. The study also found companies were only able to follow up on one-in-five malware alerts that were judged to be credible threats. That means a large number of risks aren’t getting the attention they deserve. Those unaddressed risks could – in the long-term – end up costing companies even more than the $1.27 million that’s getting burned on false alarms.
Reduce white noise, lessen IT’s burden
It’s clear this situation isn’t ideal. One solution is to hire new staffers to fill the on-prem security team ranks, enabling teams to better manage monitoring tools and the rising tide of alerts. But, finding and onboarding that new talent takes time, while the organization is left open to malware. In addition, even the best new hire’s expertise and available bandwidth is limited. However, there is a solution that goes beyond expanding the size of the IT team.
Alert, Arraya’s enterprise monitoring and support service, can have eyes on corporate infrastructure and applications 24/7, 365 days a year. If something goes wrong in the IT environment, Alert will know about it, escalate it and ensure that the appropriate resources stand ready to aid in the remediation efforts.
That’s the true value of the Alert service. It can act as a bridge linking existing IT teams with Arraya’s Managed Services team. This connection allows Arraya’s team to get to know the Client’s environment more comprehensively. Arraya’s team will then use that insight (and its past experiences) to fine-tune thresholds and introduce new service checks to ensure the health, availability and security of IT infrastructures and applications.
That level of familiarity can also help the Arraya team weed out those pesky false positives which can build up to create major time and resource drains. Instead of IT being forced to sift through a flood of alerts to find the ones which will most impact the business, Arraya’s team will use its knowledge of the Client and its environment to shoulder that responsibility. This ensures the only alerts which reach the Client are ones that truly matter.
The Alert monitoring tool is easy to install and manage, eliminating the need for maintenance activities which divert attention away from high-value projects. It is also secure, ensuring private info stays private.
Imagine what on-site IT teams could do with another 395 combined hours free each week? And to think, that’s just the time saved by eliminating false positives.
Want to get started? Have more questions? Visit www.ArrayaSolutions.com/services/ to learn more about Alert, Arraya’s enterprise monitoring and support service, as well as the full line of Managed Services offerings. Click here to open the lines of communication with an Arraya Account Executive.
Follow Arraya on Twitter, @ArrayaSolutions, to keep up with all of the latest company news, updates and special offers.