Cybersecurity professionals are losing trust and control of their current detection tools as the volume of attacks continues to climb, with some looking to artificial intelligence (AI) for possible solutions.
Some 60% of security operations center (SOC) practitioners believe market players are flooding them with “pointless alerts” to skirt responsibility should a breach occur, according to a study released Friday by cybersecurity vendor Vectra AI.
Also: AI can now solve reCAPTCHA tests as accurately as you can
Another 47% expressed a lack of trust that their tools are effective, according to a survey that polled 2,000 security professionals worldwide. Overwhelmed by the deluge of security alerts, 71% are concerned about missing an actual attack while 51% say they cannot keep up with the growing number of security threats.
As it is, 52% say their security tools actually add to their workload rather than reduce it. Across the board, 73% of respondents have implemented at least 10 security tools, while 45% have more than 20 tools in place.
Also: AI is changing cybersecurity and businesses must wake up to the threat
The study further highlighted that 60% of respondents believe vendors are pushing for tools that generate too many alerts to skirt accountability should a breach occur. In addition, 71% say market players should assume more responsibility for failing to stop a breach.
Some 81% of SOC practitioners estimate they spend more than two hours a day sieving through and triaging security events.
Also: You don’t need to pay for antivirus software – here’s why
About half describe their security tools as a hindrance rather than an aid in identifying actual cyberattacks, highlighting that they can only handle 38% of alerts they encounter, despite only 16% being classified as “real attacks.”
To cope, some are turning to AI. Some 89% will use more AI-powered tools over the next year to replace legacy threat detection and response applications.
Also: A third of all generative AI projects will be abandoned, says Gartner
Another 85% noted that their investment in AI and AI deployment had increased in the past year, with 67% describing the technology’s impact on their ability to identify and manage threats as positive.
AI not only helped cut workload for 75% of respondents in the past year, it also reduced feelings of burnout for 73%, according to the study.
Also: The 4 biggest challenges of AI-generated code that Gartner left out of its latest report
“It’s clear [security practitioners] are becoming increasingly frustrated with their current threat detection tools which, due to a lack of integrated attack signal, often create additional work rather than streamline the process,” said Mark Wojtasiak, Vectra AI’s vice president of research and strategy. “The data suggests that the tools being used for threat detection and response, along with the vendors who sell them, aren’t holding up their end of the deal.”
While SOC teams believe AI delivers an attack signal that will help them prioritize threats and reduce alert fatigue, trust needs to be rebuilt, Wojtasiak said. “Vendors will need to show how they add value beyond just the technologies they sell,” he said.
Also: The best AI for coding in 2024 (and what not to use)
“As the market saturates with tools claiming ‘AI’ capabilities, practitioners need to identify which solutions truly cut through the noise and add real value,” added Sharat Nautiyal, Vectra AI’s Asia-Pacific Japan director of security engineering.