Recently, Magnet Forensics conducted its annual State of Enterprise Digital Investigation and Incident Response Survey of 492 DFIR professionals in North America, Europe, the Middle East and Africa.
As we already know, forensic and cyber incident response teams are facing ever-increasing workloads in a context where cyber attacks are also evolving towards more complexity.
More than half of the professionals who responded to the survey said they felt burnt out in their work. Indeed, the evolution of cybercrime is putting a huge strain on cyber teams as it increases the number of alerts contributing to the now sadly famius “alert fatigue’. The amount of data requiring investigation is consistently increasing, posing a “major” or even “severe” issue for organizations as identifying the cause of an attack requires more time. A global talent shortage isn’t helping matters. All of these factors are adding to their exhaustion and driving them towards finding alternative solutions such as automation. Investing in automation is considered "very" or "extremely" valuable by workers. The burden of anaysts’ workload also exposes organsisations to regulatory risks. A considerable proportion (46%) acknowledged that they lack the time to comprehend new cybersecurity regulations.
The burnout of IT security teams is not new but it is still increasing. Reducing the analyst fatigue is at the heart of our mission at Malizen. How do we do that? A single interface to explore disparate data sources and avoid context switching, a visual exploration envirenment to investigate in an intuitive and faster way, a co-pilot based on machine learning to guide in all the steps of investigation and mitre attack classification, collaborative investigation, automatic reporting... In short, everything has been implemented so that analysts spend less time on repetitive tasks and more time to implement their technical expertise!