Study: Alert Overload Plagues Cybersecurity Professionals
CriticalStart, a Plano, Texas-based provider of Managed Detection and Response (MDR) services, has released its third annual Security Operations Center (SOC) survey, revealing that alert overload still plagues the cybersecurity industry. Forty-seven percent of respondents reported personally investigating 10 to 20 alerts each day, a 12 percent increase from 2019. Moreover, 25 percent of respondents said they investigate 21 to 40 alerts each day, up from 14 percent the year prior.
“Just like businesses and organizations from both the public and private sector are consistently under attack from malicious actors, security professionals are consistently being bombarded with alerts to investigate,” said Jordan Mauriello, Senior VP of Managed Services at CriticalStart. “This is a problem that isn’t going away, so it is imperative that enterprises invest in the people, process, and technology that are needed to combat this alert overload.”
The report, entitled “Alert Overload Still Plagues Cybersecurity Industry,” surveyed 100 SOC professionals across enterprises, Managed Security Services Providers (MSSP) and Managed Detection & Response (MDR) providers to evaluate the state of incident response within SOCs from a variety of perspectives, including alert volume and management, business models, customer communications, and SOC analyst training and turnover.
Nearly 70 percent of respondents said that 25 to 75 percent of the alerts they investigate on a daily basis are false positives. Almost half of all respondents said they turn off high-volume alerting features when there are too many alerts for analysts to process, creating the potential for a legitimate and serious alert to be missed. In addition, 66 percent of survey takers reported seeing an increase in alerts since the known spread of COVID-19 began in mid-March of 2020, and 89 percent said they had been forced to work remotely as a result of COVID-19.
The data underscore the ongoing challenges associated with managing an effective security operations center, pointing the way towards additional opportunities for channel partners.
Fortinet Expands, Adds New Features to Partner Program
Fortinet, a Sunnyvale, California-based cybersecurity company, has updated its “Engage” Partner Program, adding new consumption models for a range of products including FortiSIEM and FortiEDR. New specializations and other enhancements have also been added.
The revised program allows partners to engage as an integrator, MSSP or cloud partner. For cloud partners, the company is adding more ways to leverage Fortinet’s Adaptive Cloud Security offerings. Managed cloud service provider partners are now immediately eligible for the Engage Select Cloud Business Model. Participants in this business model are eligible for additional discounts on Fortinet’s flexible licensing models, including BYOL and pay-as-you-go, and gain access to FortiCWP and FNDN.
“Fortinet has been successful in enabling our channel partners to grow their business and services leveraging the Fortinet Security Fabric,” said John Maddison, EVP of Products and CMO at Fortinet. “Our partnerships go beyond the technologies that enable service offerings that drive growth and profitability.”
Fortinet is also introducing new specializations focused on high-growth areas, including Zero Trust Access, Operational Technology and Security Operations. These designations are intended to help partners further distinguish their expertise among current and potential customers as trusted partners who have the knowledge, services and technologies to fulfill customer business needs. Fortinet’s existing specializations have included Secure SD-WAN, Data Center, Adaptive Cloud Security, and LAN Edge and SD-Branch.
The company’s NSE training courses and eight-level certification program have also been updated to better address compliance requirements.
With hybrid workforces, highly distributed network infrastructures and new digital innovations, organizations find that securing all their environments is becoming increasingly complex. Changes to the partner program are intended to respond to those needs.
Nextiva Partners with D&H Distributing for Cloud Communications
Nextiva has announced a new partnership with North American technology distributor D&H Distributing. With D&H, the Scottsdale, Arizona-based UCaaS vendor expects to strongly expand its go-to-market footprint.
“Nextiva is excited to partner with D&H, one of the most recognized and trusted brands in IT distribution, to arm their thousands of resellers with a cloud communication and collaboration platform and to ensure more companies experience the comprehensive benefits of connecting all of their communications through Nextiva’s innovative NextOS platform,” said Eric Martorano, chief revenue officer at Nextiva. “With our partnership, D&H resellers and MSPs will be positioned to lead with a powerful cloud communication platform to migrate businesses away from antiquated on-premises systems, enabling new and profitable revenue streams while embracing this high growth market segment.”
D&H’s channel will now have the ability to distribute Nextiva’s cloud communications solution, providing new options for the replacement of on-premises legacy phone systems, and leveraging the rapidly expanding UCaaS market.
“Nextiva’s unified communications products are a valuable addition to D&H’s cloud solutions portfolio, augmenting a persuasive line-up of communications and collaborative solutions,” said Dan Schwab, co-president at D&H. “Our agreement furthers a mutual goal to deliver powerful, customizable, end-to-end solutions, helping channel partners provide an exemplary range of services for today’s rapidly-evolving business environments.”
The partnership comes on the heels of a solid year of growth for Nextiva’s channel partner ecosystem. UCaaS has seen major uptake in the midst of the work-from-anywhere business model, partly driven by COVID-19.
Through this partnership, Nextiva aims to broaden the adoption of its cloud-based communication solutions, especially to customers with on-premises legacy phone systems.