New UpGuard Research: Security Teams Waste 43% of Response Time on Manual Context Gathering

Alert overload is leading to critical blind spots, with 79% of organizations having been notified of a threat by external third parties

MOUNTAIN VIEW, Calif., March 18, 2026 /PRNewswire/ -- UpGuard, a leader in cyber security and risk management, today released its 2026 Context Gap Report, a benchmark study that reveals the structural failure in how mid-market security teams manage alert volumes. The research reveals that this "Context Gap" wastes valuable hours and ultimately contributes to delayed remediation and security incidents. Mid-size organizations, particularly those with lean security teams, also bear a heavier cyber security burden because they frequently face threat volumes comparable to those of large enterprises but lack enterprise-level resources, resulting in a disproportionately higher risk.

UpGuard's survey of 400 security leaders also highlights how AI is amplifying and accelerating cyberattacks at a volume and speed that is bogging down security operations and a team's ability to remediate. This alert overload is causing critical blind spots as 79% of organizations were notified of a threat by third parties such as researchers, customers, or attackers before their own internal detection.  Companies that delay remediation are far more likely to miss real threats.

The Triage Trap: When Noise Becomes Real Risk

The report identifies a critical bottleneck in the investigation process, where doubt serves as the primary time-sink for analysts.

  • The Triage Tax: The median security team spends 20 minutes dismissing a single junk alert.
  • The Exposure Gap: For 25% of organizations, manual triage requires 214 hours per week (the equivalent of 5.3 full-time employees), making it mathematically impossible for human teams to maintain proactive defense.
  • Tool Sprawl Backfire: Organizations utilizing more than five disconnected security tools are twice as likely to miss critical threats compared to those with an integrated toolset.

"Security teams aren't slow at fixing threats — they're buried in the work of understanding them", said Greg Pollock, director of Research at UpGuard. "When 43% of a security team's investigation time is consumed by manual context gathering, the downstream cost is measurable: in 79% of companies, it took a customer, a researcher, or law enforcement to find what their own tools missed. This is a wake-up call. Detection without context is just noise with a timestamp."

AI: The Source of and Solution to the Context Gap

While AI is powering live cyberattacks at a speed humans alone cannot match, it also offers the only path to closing the Context Gap.

  • Proactive Advantage: Teams that streamline efforts with consolidated tooling and unified attack-surface visibility can collapse "Time-to-Context" from hours to seconds.
  • Virtuous Cycles: Automated context gathering allows analysts to focus on high-value decision-making, leading to lower rates of delayed remediation and fewer incidents.

The findings reinforce the shift toward better outcomes by reducing time-to-context, helping teams prioritize what matters, routing issues to the right owners faster, and responding with enterprise-level speed even with limited resources.

To read the full report, including additional stats and insights on the "Context Gap" visit https://www.upguard.com/resources/the-context-gap.

Copies of the report will also be made available to attendees of RSAC 2026 Conference March 23-26 at UpGuard's booth #N-5885. Additionally, Pollock will be speaking March 24 at 5:10 p.m. PDT in the South Hall Briefing Center on the topic "From Crisis to Confidence: Cyber Defense ROI When Every Dollar Counts."

Methodology
To understand the time cost for detecting and responding to external threats UpGuard surveyed 400 information security leaders in North America, APAC, and India. The survey was conducted by Dynata, a market research firm with the worldˇs largest pool of first-party data respondents.

About UpGuard
Founded in 2012, UpGuard is a leader in cybersecurity and risk management. The company's AI-powered platform for Cyber Risk Posture Management (CRPM) provides a centralized, actionable view of cyber risk across an organization's vendors, attack surface, and workforce. Trusted by thousands of companies, UpGuard's platform is designed to help security teams manage cyber risk with confidence and efficiency. UpGuard is headquartered in Hobart, Tasmania with US headquarters in Mountain View, California. To learn more, visit www.upguard.com.

MEDIA CONTACT
Julie Huang
press@upguard.com

SOURCE UpGuard

Enhance Your Content with RSAC Photos

Access all the great moments of RSAC™ 2025 captured in photography. 

RSAC Photo Gallery

Copyright © 2026 Cision Ltd. 
General Terms & Conditions | Privacy Policy
Cookie Policy