Monday, 6th December 2021
Logo

Report highlights trends and challenges of automating IT security systems

ThreatQuotient has released the State of Cyber Security Automation Adoption in 2021, new research focused on understanding the importance, challenges and trends facing businesses when it comes to automating their IT security systems. Based on survey results from 250 senior cybersecurity professionals at UK companies employing 2,000+ people from a range of industries, the report determined 98% intend to automate more in the next 12 months, but 41% have a lack of trust in automation’s outcomes.

As distributed workforces expand the threat surface, organisations must find ways to automate their security systems to proactively mitigate escalating cyber threats while supporting a growing hybrid work environment. The State of Cyber Security Automation Adoption in 2021 report surveyed five key vertical markets: Central Government, Defence, Critical National Infrastructure - Energy and Utilities, Retail and Financial Services. The research examines what IT security use cases or processes organisations have already automated and what they are planning to automate, as well as budgets, skills, resources, issues around trust, and assesses the overall outlook for IT security automation.

Key findings of the report include:

Recognised importance of IT security automation

• 77% of survey respondents stated IT security automation is important to senior security professionals.

• Overall intentions to automate were high, with 95% stating that they have automated to some extent, and a trailblazing 40% saying they have automated between 51 and 100% of their processes.

• According to a third (34%) of survey respondents, the top reason for IT security automation is the need to improve or maintain security standards, followed by the need to improve efficiency and productivity (31%).

Challenges around automation

• 92% of organisations have experienced problems/issues when implementing IT security automation. In fact, only 8% said that they had not experienced problems.

• Technology was cited as the top blocker that is preventing organisations from applying IT security automation (43%), in addition to a lack of skills (45%), a lack of trust in the outcomes (41%) and budget issues (40%).

• 31% of organisations that have automation capabilities built into technologies such as SIEMs, Endpoint Detection & Response and Security Automation & Orchestration solutions do not trust these to automate much beyond basic tasks such as sending out notifications or running a threat intelligence query.

Future expectations and vision for the success for IT security automation

• Going forward for IT security automation to be successful, 51% of the survey respondents said that well-defined manual processes were required.

• Intention to automate threat intelligence was cited as the top use case for applying automation in the future. 50% of respondents are already automating threat intelligence processing.

• 98% are planning to automate more of their security estate in the next 12 months. Of these, 5% will be applying automation for the first time.

“To gain a clearer picture of the state of IT security automation and adoption and understand what is either accelerating or holding UK PLC back, we commissioned this survey to understand how far down the road senior cybersecurity professionals are with their IT security automation initiatives,” said Anthony Perridge, Vice President, International, ThreatQuotient. “There are several barriers preventing organisations from maximising the benefit of automation, such as budget, prioritisation issues, talent gaps, technology, trust concerns and more. At ThreatQuotient, we know that data driven automation can enable security operations teams to reliably trust the data and be confident in their decisions, which for many security professionals will be absolutely ground-breaking as they look to automate more use cases.”


Research shows ‘game needs to be changed,’ with security innovation years behind that of the attacke...
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that the...
Atos has launched Atos OneCloud Sovereign Shield, a set of solutions, methodologies, and operational...
New distribution agreement set to bolster Westcon-Comstor’s Zero Trust offering in more markets acro...
Research from Avast has found that employees in almost a third (31%) of Small and Medium Businesses...
This year, over half of MSPs or their end customers have been attacked by ransomware but only 53% of...
Trend Micro has published new research revealing that 90% of IT decision makers claim their business...
Cyber consultants call on businesses to act now, or risk budgets shrinking further in ‘real terms’ d...