Security's heavy reliance and emphasis on technology--due to both its heritage and the reality of a shortage of manpower--is part of the reason attackers are getting the upper hand, experts said here this week.
A lack of security humans to connect the dots from the abundance of security alerts and data generated by various security tools in the enterprise can easily lead to a needle-in-the-haystack "fail." Target's dismissal of real alerts amid the piles of false positives it had to cull through has become a cautionary tale of just how challenging it is to parse security data today.