Avoid Alert Overload - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:30 PM

Avoid Alert Overload

When does too much information become an impediment to decision making? That's the dilemma facing security pros as they wade through E-mail security alerts sent to them by vendors and independent researchers. The key to knowing which security alerts to pay attention to is knowing your IT environment.

Connie Sadler, Brown University's director of IT security, filters information based on what her environment's biggest point of risk is. "I'm most concerned with network access control and network registration because we have so many people visiting the campus," she says. "It depends on the type of incident and who we perceive might have information on it." Sadler isn't convinced there's one information source that IT pros can rely on. "You can't look to one place to get what you need," she says. "It can be very frustrating and draining at times."

Health care companies have the added pressure of adhering to government regulations protecting patient data. "I have eight people on my staff, and we all subscribe to our own mailing lists," says John Delano, information security officer at Integris Health. He relies on information from vendors including Cybertrust, McAfee, and Microsoft, and he wants to create a general mailbox where he and his staff can share information.

The amount of security research being done will grow as companies identify it as a competitive differentiator and independent researchers respond to cash bounties for finding the next big vulnerability. Symantec reported 3,800 vulnerabilities in commercial software last year, using a staff of about 300 people, including freelance researchers.

Much of the research has focused on the largest software providers, so there's a lotleft to be done. "We're going to see a rise in the amount of research," says Neel Mehta, team lead for Internet Security Systems' X-force research arm, which has 10 full-time security researchers. "A lot of emerging technologies have to be examined for security risks."

Dennis Brixius, chief security officer at publisher McGraw-Hill, wants any information he can get because threat assessments must be made based on a company's IT environment. "What are your key applications? What are they running? What's happening on those machines?" he says. "Knowing your inside environment is the best way to filter this information."

Continue to the sidebar:
10 Infamous Moments In Security Research

Return to the story:
The Fear Industry

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
IT Careers: 12 Job Skills in Demand for 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/1/2019
Enterprise Guide to Multi-Cloud Adoption
Cathleen Gagne, Managing Editor, InformationWeek,  9/27/2019
5 Ways CIOs Can Better Compete to Recruit Top Tech Talent
Guest Commentary, Guest Commentary,  10/2/2019
Register for InformationWeek Newsletters
Current Issue
Data Science and AI in the Fast Lane
This IT Trend Report will help you gain insight into how quickly and dramatically data science is influencing how enterprises are managed and where they will derive business success. Read the report today!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll