A new research report on the trends and challenges of automating cybersecurity has discovered that almost all (98%) UK cybersecurity leaders plan to automate cybersecurity in their organisations more in the next 12 months, with productivity the biggest driver. However, issues of technology, budget, skills, and trust are among the hurdles impacting implementation of and future investment in cybersecurity automation.
ThreatQuotient commissioned a survey of 250 senior cybersecurity professionals at UK companies employing 2,000 or more people from a range of industries including central government, critical national infrastructure, and retail. The findings shine a light on the current and future role of automation in cybersecurity along with specific areas of focus for security leaders.
Cybersecurity automation a significant factor for organisations
The State of Cyber Security Automation Adoption in 2021 report highlights the significance of automation for security professionals in the UK, with 77% of respondents saying it is an important factor of their organisation’s cybersecurity strategy. Half are already automating threat intelligence processing, with 44% automating vulnerability management and 39% doing the same for password resets.
With regards to cybersecurity spend, 63% of respondents said that automated actions were either fairly or critically important when selecting a new cybersecurity product. Key areas of future spend in relation to cybersecurity automation are threat intelligence processing, incident response/management, and vulnerability management.
Issues blocking cybersecurity automation in organisations
With 95% of security leaders surveyed having already automated somewhere between 25% and 100% of their security operations, and with 98% planning to further invest in the next 12 months, cybersecurity automation is clearly an ongoing journey for UK organisations. However, they face notable challenges in adoption of autonomous technology with hurdles set to continue to play a role in the years to come.
As many as 92% of organisations have experienced problems and issues when implementing cybersecurity automation previously, with only 8% doing so trouble-free. Issues cited include a lack of skills and trust in the outcomes of automation, whilst budgetary concerns are also prevalent. When it comes to matters that are blocking organisations from implementing new automation, technology, budget, and skills are the biggest hurdles.
Commenting on the research findings, international VP of ThreatQuotient, Anthony Perridge, says the survey was commissioned to better understand how far down the road senior cybersecurity professionals are with their IT security automation initiatives. “There are several barriers preventing organizations from maximizing the benefit of automation, such as budget, prioritization issues, talent gaps, technology, trust concerns and more. We know that data-driven automation can enable security operations teams to reliably trust the data and be confident in their decisions, which for many security professionals will be absolutely ground-breaking as they look to automate more use cases.”
Gloss