2022 Cloud Security Alert Fatigue Report

Security professionals are all too familiar with alert fatigue.

They faced it in the on-prem world, and now they’re dealing with it in the cloud. Organizations use many different security tools that each generate alerts, overwhelming security teams who have to spend hours each day reviewing alerts to determine which issues need to be fixed first.

Like the story of ‘The Boy Who Cried Wolf’, if the amount of meaningless and false positive alerts becomes too great, responders become desensitized, resulting in alerts that actually do deserve attention, getting missed.

The Survey

To find out more about the current state of alert fatigue, its causes, impacts, and possible solutions, Orca Security commissioned a global survey held among 813 IT decision makers in five countries and across ten industries.

This report discusses the global findings. The key findings per country and industry are listed in the Appendix.

The Respondents

To participate in the survey, respondents needed to have at least 25 cloud assets on one of the major public cloud platforms. The majority of respondents (84%) had more than 100 cloud assets. Most respondents use AWS, Azure and Google Cloud, closely followed by IBM Cloud and Oracle Cloud.

Respondents’ job levels varied from staff (10%), manager (61%), to executive (29%).