A new report analyzing over 25 million security alerts across live enterprise environments has found that security teams are systematically ignoring or failing to investigate informational and low-severity alerts—a practice the researchers describe as institutionalized 'not looking.' The dataset includes monitoring of 10 million endpoints, suggesting the problem is endemic to how major organizations handle security signal triage.