75% of businesses have spent as much if not more time chasing false positives than they did dealing with actual security threats according to Fastly and Enterprise Strategy Group report.
The report illustrates the current state of security software as a “patchwork of incompatible tools” added when new cloud providers are brought on board to modernize the app architecture.
Cloud and API-based applications make security considerably more complicated than in the era of on-premise computing, as the average of 11 web apps and API security tools shows, costing the typical company nearly $3 million a year.
These tools, the report says, are ineffective and impede growth largely because a safety warning is almost 50% likely to be wrong.
Regardless of the reason for the acquisition, these tools have not worked for many companies, resulting in them either running in log-and-monitor mode (in 53% of cases), being completely disabled (12%) or both (26%).
That makes 91% of businesses disabling or reducing the capabilities of their security software in response to too many false positives.
There are many different ways to get rid of false positives, although the report makes a very persuasive suggestion: buy and install a single, consistent solution designed to meet modern cloud and API security requirements. Only 1% of respondents have done so, though 93% say they plan to do so or are interested in doing so themselves.
For more information, read the original story in TechRepublic.