Cyber warnings going ignored as 1 in 4 companies are still investigating alerts manually

Cyber warnings going ignored
New BAE Systems research shows half of mid-sized businesses name lack of skilled staff as top security monitoring concern.
In an era of increasing cyber threats, business and IT professionals are sounding the alarm: the reliance on manual alert investigation and lack of skilled cybersecurity workers is putting businesses at risk. New research commissioned by global defense, aerospace and security company, BAE Systems, and conducted via Spiceworks, the leading network for IT professionals, shows the skills gap continues to challenge organizations, large and small.
The gap between the need for skilled cybersecurity employees and the people available to fill these roles continues to grow. BAE Systems’ new research shows that the skills gap is the primary challenge keeping organizations from reaching their security goals, with 50% of businesses identifying the lack of staff with the required security skills and expertise as the leading issue. Almost 40% suggest retention and training are also factors, highlighting the difficulty of capturing best practices from experienced staff for more junior employees.
With teams stretched thin, and the number of alerts and hacking attempts increasing, some IT professional are turning to technology to optimize and automate their security practices and reporting. Currently, over a third of mid-sized organizations surveyed (37%) are still investigating alerts manually, and a shocking 7% -- as many as over 1,200 US medium-sized businesses1 – are doing nothing with the alerts they receive. On average, of the alerts that make it through the current security tools these organizations have in place, fewer than 20% are actually investigated.
Colin McKinty, VP of Cyber Security Strategy with BAE Systems Applied Intelligence said: 
“A lack of skilled cybersecurity resources is leaving essential work undone, and putting Americans at risk. Alerts go ignored because there are too few team members, and if one of those alerts indicated suspicious activities that could lead to a legitimate threat of an imminent breach, the company has now lost critical time to secure its corporate and customer data, and protect its reputation.”
The IT professional surveyed are working to address this risk. While 43% of the organizations surveyed are planning to train up existing staff, and 36% plan to grow their team, the skills gap may make this route challenging. Many are instead looking at bringing on new tools to optimize their security monitoring and reporting, to improve security with their existing team and help their security operations run more smoothly. Research showed that 42% of IT professional plan to buy additional tools -- 54% reported seeking security monitoring tools that identify existing vulnerabilities and high priority incidents on the network and the same number (54%) are looking to reduce the time between a breach and when the incident is reported.
When it comes to the current security tools employed by large businesses (500+ employees), the majority are happy with what they are using, with over three-quarters (78%) reporting they are satisfied or very satisfied with their current tools, and only 7% expressing dissatisfaction. But it is a different story for mid-sized companies: almost one in five (17%) are dissatisfied with their current solutions. The tools employed by smaller businesses put a significant burden on their IT teams -- 37% of businesses with between 250-499 employees are manually investigating all logs and alerts.
McKinty continued: “Identifying cyber risks is complex and time-consuming, and every day there is the risk of missing serious attacks before they cause significant impact, compromising company information, and the larger implications and costs associated with a high-profile breach. The future of security technology is real-time. Businesses need to be confident that attacks and risks on their network are being identified as they happen, without the need for large, dedicated security teams, or time-consuming manual investigations of alerts.”
Acknowledging the challenging resourcing climate facing today’s organizations, BAE Systems is committed to reducing the workload of teams responsible for security monitoring with solutions that help identify high priority incidents that require action from the noise of too-frequent security alerts. This improved signal-to-noise ratio is a result of archiving false positives and tracking them as they evolve to eliminate sending alerts for known low-priority threats. Intelligent technology supporting a skilled security team; a smart way to address the skills gap.
(1) Estimated figure calculated using United States Census Bureau data for number of businesses by employment size, 2008: 
For further information, please contact:
BAE Systems

Nick Haigh, BAE Systems
M: +44 (0)7525 390982
Bite Communications
Monica Roddey, Bite Communications
M: 1 (905) 617-5456

Notes for Editors

About the research
The data contained in this release comes from 600 IT decision-makers in the UK and the US, from organizations with between 250 and 9,999 employees, in a variety of commercial sectors. The online survey was conducted in November 2017, and respondents were required to be involved in the decision making process for security solutions at their organization, and employ security solutions that produce alerts. The research was conducted by Spiceworks.

Cyber Security at Risk Infographic

Cyber Security at Risk Infographic - Click to View Full Infographic

Cyber Security at Risk Infographic - Click to View Full Infographic


Research highlights

Skills gap continues to challenge organizations:
  • Of IT decision-makers surveyed, 50% say that the lack of staff with the required security skills & expertise is the most significant problem preventing them from achieving their security objectives.
  • 39% report difficulty capturing best practices from experienced staff for less experienced staff to follow.
  • Undeterred by the skills gap, in the next year, 43% plan to train up existing staff and 36% plan to increase the size of the team.
What IT professional are looking for in a security tool:
  • 54% of those surveyed are looking for a tool that minimizes the time between a breach and an incident being reported.
  • For over half of respondents (54%), two of their top three objectives for a security monitoring tool include “identifying existing vulnerabilities” and “identifying high priority incidents on the network”.
Satisfaction with current security tools:
  • While overall 73% of respondents are satisfied or very satisfied with the tool they’re currently using, mid-sized companies (250-499 employees) are much less happy: 17% are dissatisfied with their security tools.
  • Interestingly, 37% of mid-sized orgs investigate alerts and logs manually, and 7% do nothing proactive with the alerts they receive.
  • Over a quarter (27%) of respondents’ organizations investigate logs and alerts manually.
  • Of organizations whose teams do nothing proactive with logs & alerts, 25% are dissatisfied with their current security monitoring.
About BAE Systems
At BAE Systems, we provide some of the world’s most advanced technology defense, aerospace and security solutions. We employ a skilled workforce of 82,500 people in over 40 countries. Working with customers and local partners, our products and services deliver military capability, protect people and national security, and keep critical information and infrastructure secure.
At BAE Systems Applied Intelligence, we help nations, governments and businesses around the world defend themselves against cybercrime, reduce their risk in the connected world, comply with regulation, and transform their operations.
We do this using our unique set of solutions, systems, experience and processes - often collecting and analyzing huge volumes of data. These, combined with our Cyber Special forces - some of the most skilled people in the world, enable us to defend against cyber-attacks, fraud and financial crime, enable intelligence-led policing and solve complex data problems.
We employ over 4,200 people across 18 countries in the Americas, APAC, UK and EMEA. For further information about BAE Systems Applied Intelligence, please visit
Issued by:
BAE Systems plc
Media hotline: + 44 (0) 7801 717739