98% of UK companies intend to increase the automation their cyber security in the next 12 months, but 41% have a lack of trust in automation’s outcomes.
According to The State of Cyber Security Automation Adoption in 2021 report from ThreatQuotient, which surveyed five key vertical markets: Central Government, Defence, Critical National Infrastructure – Energy and Utilities, Retail and Financial Services, as distributed workforces expand the threat surface, organisations must find ways to automate their security systems to proactively mitigate escalating cyber threats while supporting a growing hybrid work environment.
The research examines what IT security use cases or processes organisations have already automated and what they are planning to automate, as well as budgets, skills, resources, issues around trust, and assesses the overall outlook for IT security automation.
It finds that 77% of survey respondents stated IT security automation is important to senior security professionals. Overall intentions to automate were high, with 95% stating that they have automated to some extent, and a trailblazing 40% saying they have automated between 51 and 100% of their processes.
According to a third (34%) of survey respondents, the top reason for IT security automation is the need to improve or maintain security standards, followed by the need to improve efficiency and productivity (31%).
Challenges around automation
According to the study, 92% of organisations have experienced problems/issues when implementing IT security automation. In fact, only 8% said that they had not experienced problems.
Technology was cited as the top blocker that is preventing organisations from applying IT security automation (43%), in addition to a lack of skills (45%), a lack of trust in the outcomes (41%) and budget issues (40%).
Some 31% of organisations that have automation capabilities built into technologies such as SIEMs, Endpoint Detection & Response and Security Automation & Orchestration solutions do not trust these to automate much beyond basic tasks such as sending out notifications or running a threat intelligence query.
Going forward for IT security automation to be successful, 51% of the survey respondents said that well-defined manual processes were required.
Intention to automate threat intelligence was cited as the top use case for applying automation in the future. 50% of respondents are already automating threat intelligence processing. 98% are planning to automate more of their security estate in the next 12 months. Of these, 5% will be applying automation for the first time.
“To gain a clearer picture of the state of IT security automation and adoption and understand what is either accelerating or holding UK PLC back, we commissioned this survey to understand how far down the road senior cybersecurity professionals are with their IT security automation initiatives,” says Anthony Perridge, Vice President, International, ThreatQuotient. “There are several barriers preventing organisations from maximising the benefit of automation, such as budget, prioritisation issues, talent gaps, technology, trust concerns and more. At ThreatQuotient, we know that data driven automation can enable security operations teams to reliably trust the data and be confident in their decisions, which for many security professionals will be absolutely ground-breaking as they look to automate more use cases.”