Alert fatigue, otherwise known as alarm fatigue, usually occurs when a SOC analyst is exposed to a large number of frequent alarms (alerts) and consequently becomes desensitized to them.
Desensitization usually results in longer response times and/or important alerts from malicious activity being missed. A large number of those alerts are not, in fact, real threats but false positives. Even so, alert fatigue can be very dangerous to an organization or enterprise because it can lead to real threats not being properly investigated and being left to dwell in the network longer, which makes it more likely that an attack will cause long-lasting damage.
Damage can include, but is not limited to, harm to an organization’s reputation, which can cost the organization future customers and investors and, ultimately, negatively impact its earnings for an extended period of time.