Home > NewsRelease > ‘Alert Fatigue’ Can Lead To Missed Cyber Threats And Staff Retention/Recruitment Issues
‘Alert Fatigue’ Can Lead To Missed Cyber Threats And Staff Retention/Recruitment Issues
Edward Segal, Crisis Management Expert Edward Segal, Crisis Management Expert
Washington, DC
Tuesday, November 23, 2021


Commentary From Crisis Management Expert Edward Segal, Author of Crisis Ahead: 101 Ways to Prepare for and Bounce Back from Disasters, Scandals and other Emergencies

The growing number of cyber alerts, threats and breaches is creating a vicious cycle and increased costs for many companies and organizations that can turn into crisis situations for business leaders.

Here's what happens: Frequent alerts about cybersecurity threats can lead to so-called "alert fatigue" which numbs the staff to cyber alerts, resulting in longer response times or missed alerts. The fatigue, in turn, can create burnout in IT departments, which then results in more turnover among the staff. When replacement personnel are hired, the cycle begins again.

That's according to a recently released report conducted by International Data Corporation (IDC) for Critical Start, a cybersecurity consulting and managed detection and response company. IDC surveyed more than 300 U.S.-based IT executives at companies with 500 or more employees. It found that:

  • Security staff spend an average of 30minutes for each actionable alert, while 32 minutes are lost chasing each false lead.
  • Companies with 500-1,499 employees ignore or don't investigate 27% of all alerts.
  • The figure is nearly a third (30%) for companies with 1,500-4,999 employees and 23% for those with 5,000 or more employees.

The IDC report noted that, "For many organizations, the capacity to ingest, correlate to, and respond to potential threats was difficult even before the mad dash to the cloud during the Covid-19 pandemic.

"Organizations have responded to the growing threats by adding evermore security tools while simultaneously struggling to fill the vacant seats in their security operations centers," it said.

'Alert Fatigue'

Randy Watkins, chief technology officer of Critical Start said that, "This is so prominent a problem that it's earned its own industry-recognized term: 'alert fatigue', and it's a driving factor in the low job retention we see across the industry" in security operations centers.

Risks For Companies

"The risk from a board perspective is losing the people who are looking at and mitigating the deluge of alerts. As a result, the conversation becomes centered around the inability to mitigate risk to a business's acceptance, because they can't hold onto the employees who review these alerts," he said.

Impact On Recruiting

"This trickles down further into the recruiting conversation. It's expensive and time consuming to hire, onboard and properly train someone who's just going to burn out within a few months, and so on," Watkins observed.

Advice For Business Leaders

According to the IDC report:

  • Responding to the ever- growing number and sophistication of threats is onerous, yet organizations must deal with them.
  • The security department must recognize, reduce, and/or transfer risk through the utilization of cyber insurance.
  • Security operation centers must test their capability of thwarting a zero-day cyberattack through the use of a red/blue/purpleteam exercise.
  • To raise the awareness of management across the board, security teams should run through ransomware tabletop exercises.


Edward Segal is a crisis management expert, consultant and author of the award-winning Crisis Ahead: 101 Ways to Prepare For and Bounce Back from Disasters, Scandals and Other Emergencies (Nicholas Brealey). He is a Leadership Strategy Senior Contributor for Forbes.com where he covers crisis-related news, topics and issues. Read his recent articles at https://www.forbes.com/search/q=Edward%20segal#31ed72442

News Media Interview Contact
Name: Edward Segal
Title: Crisis Management Expert
Group: Edward Segal
Direct Phone: 415-218-8600
Jump To Edward Segal, Crisis Management Expert Jump To Edward Segal, Crisis Management Expert
Contact Click to Contact