The farce that is the Anti-virus / Anti-malware industry continues.
"respondents believe their prevention tools miss 40%
of malware infections in a typical week."
It's not good enough (or bad enough) that 21,000 hours a year are wasted
dealing with an 81% false-positive detection rate.
No. We have to throw in a 40% detection failure rate on top of that.
What an absolute joke the so-called security of the NT line of Windoze
operating systems is. You people are so easily dazzled by each version
of the Emperor's New Clothes.
What an absolute joke corporations and institutions are. Plowing
millions or billions of dollars a year into pathetic AM/AV products on
the say-so of their retarded IT departments and comission-paid
consultants.
==========================================
The cost of dealing with false positive malware alerts
2015/01/16/
False positives are often accepted as a fact of life with anti-virus
programs but a new survey commissioned by breach detection specialist
Damballa reveals that they have a significant cost for businesses.
The study produced by the Ponemon (Pokemon?) Institute reveals that
enterprises spend $1.3 million a year dealing with false positive cyber
security alerts, which equals nearly 21,000 hours in wasted time.
In a typical week, organizations receive an average of nearly 17,000
malware alerts, yet only 19 percent are deemed reliable -- or worthy of
action. This means security teams can waste time on alerts that pose no
threat to their data security and which can distract them from dealing
with threats that can lead to compromise.
Compounding the problem, respondents believe their prevention tools miss
40 percent of malware infections in a typical week. The longer malware
goes undetected of course, the greater the risk of a breach.
In addition 60 percent of respondents report that the severity of
infections has increased over the last year. But despite this 33 percent
of organizations revealed that they have an unstructured or ad hoc
approach to handling alerts. In terms of responsibility, 40 percent of
respondents say there is no one person or function in their enterprise
accountable for the containment of malware.
Only 41 percent of respondents say their organization has automated
tools to allow them to capture intelligence and evaluate the true threat
caused by malware.
"These findings confirm not only the sheer scale of the challenge for IT
security teams in sifting out the real threats from tens of thousands of
false alarms, but also the huge financial impact in terms of time. The
severity and frequency of attacks is growing, which means that teams
need a way to focus on responding to true positive infections if they
are to get a firmer grip on their security posture," says Brian Foster,
CTO of Damballa. "It's more important than ever for teams to be armed
with the right intelligence to detect active infections to reduce their
organization's risk exposure and make the best use of their
highly-skilled, limited security resources".
The full report is available on the Damballa website or there's a
webinar to discuss the findings on January 20th.
https://www.damballa.com/ponemon-institute-survey-the-cost-of-malware-containme
nt/
https://www.damballa.com/ponemon-survey-cost-malware-containment-2015/
=====================
http://betanews.com/2015/01/16/the-cost-of-dealing-with-false-positive-malware-
alerts/
--- NewsGate v1.0 gamma 2
* Origin: News Gate @ Net396 -Huntsville, AL - USA (1:396/4)
|