ThreatQuotient, a security operations platform innovator, has released the State of Cyber Security Automation Adoption in 2021, new research focused on understanding the importance, challenges and trends facing businesses when it comes to automating their IT security systems
Based on survey results from 250 senior cybersecurity professionals at UK companies employing 2,000+ people from a range of industries, the report determined 98% intend to automate more in the next 12 months, but 41% have a lack of trust in automation’s outcomes.
As distributed workforces expand the threat surface, organisations must find ways to automate their security systems to proactively mitigate escalating cyber threats while supporting a growing hybrid work environment. The State of Cyber Security Automation Adoption in 2021 report surveyed five key vertical markets: central government, defense, critical national infrastructure - energy and utilities, retail and financial services. The research examines what IT security use cases or processes organisations have already automated and what they are planning to automate, as well as budgets, skills, resources, issues around trust, and assesses the overall outlook for IT security automation.
Major findings of the report include:
Recognised importance of IT security automation
• Around 77% of survey respondents stated IT security automation is important to senior security professionals.
• Overall intentions to automate were high, with 95% stating that they have automated to some extent, and a trailblazing 40% saying they have automated between 51 and 100% of their processes.
• According to a third (34%) of survey respondents, the top reason for IT security automation is the need to improve or maintain security standards, followed by the need to improve efficiency and productivity (31%).
Challenges around automation
• Around 92% of organisations have experienced issues when implementing IT security automation. In fact, only 8% said that they had not experienced problems.
• Technology was cited as the top blocker that is preventing organisations from applying IT security automation (43%), in addition to a lack of skills (45%), a lack of trust in the outcomes (41%) and budget issues (40%).
• Around 31% of organisations that have automation capabilities built into technologies such as SIEMs, endpoint detection & response and security automation & orchestration solutions do not trust these to automate much beyond basic tasks such as sending out notifications or running a threat intelligence query.
“To gain a clearer picture of the state of IT security automation and adoption, and understand what is either accelerating or holding UK PLC back, we commissioned this survey to understand how far down the road senior cybersecurity professionals are with their IT security automation initiatives,” said Anthony Perridge, vice-president, international, ThreatQuotient.