ThreatQuotient Publishes Research Report: State of Cyber Security Automation Adoption in 2021

19

Report highlights trends and challenges of automating IT security systems and how CISOs and senior security professionals are planning to accelerate the adoption of automation

Anthony Perridge, Vice President, International at ThreatQuotient

Dubai, UAE: ThreatQuotient™, a leading security operations platform innovator, today released the State of Cyber Security Automation Adoption in 2021, new research focused on understanding the importance, challenges and trends facing businesses when it comes to automating their IT security systems. Based on survey results from 250 senior cybersecurity professionals at UK companies employing 2,000+ people from a range of industries, the report determined 98% intend to automate more in the next 12 months, but 41% have a lack of trust in automation’s outcomes.

As distributed workforces expand the threat surface, organizations must find ways to automate their security systems to proactively mitigate escalating cyber threats while supporting a growing hybrid work environment. The State of Cyber Security Automation Adoption in 2021 report surveyed five key vertical markets: Central Government, Defense, Critical National Infrastructure – Energy and Utilities, Retail and Financial Services. The research examines what IT security use cases or processes organizations have already automated and what they are planning to automate, as well as budgets, skills, resources, issues around trust, and assesses the overall outlook for IT security automation.

Key findings of the report include: 

Recognized importance of IT security automation

  • 77% of survey respondents stated IT security automation is important to senior security professionals.
  • Overall intentions to automate were high, with 95% stating that they have automated to some extent, and a trailblazing 40% saying they have automated between 51 and 100% of their processes.
  • According to a third (34%) of survey respondents, the top reason for IT security automation is the need to improve or maintain security standards, followed by the need to improve efficiency and productivity (31%).

Challenges around automation

  • 92% of organisations have experienced problems/issues when implementing IT security automation. In fact, only 8% said that they had not experienced problems.
  • Technology was cited as the top blocker that is preventing organisations from applying IT security automation (43%), in addition to a lack of skills (45%), a lack of trust in the outcomes (41%) and budget issues (40%).
  • 31% of organisations that have automation capabilities built into technologies such as SIEMs, Endpoint Detection & Response and Security Automation & Orchestration solutions do not trust these to automate much beyond basic tasks such as sending out notifications or running a threat intelligence query.

Future expectations and vision for the success for IT security automation

  • Going forward for IT security automation to be successful, 51% of the survey respondents said that well-defined manual processes were required.
  • Intention to automate threat intelligence was cited as the top use case for applying automation in the future. 50% of respondents are already automating threat intelligence processing.
  • 98% are planning to automate more of their security estate in the next 12 months. Of these, 5% will be applying automation for the first time.

“To gain a clearer picture of the state of IT security automation and adoption, and understand what is either accelerating or holding UK PLC back, we commissioned this survey to understand how far down the road senior cybersecurity professionals are with their IT security automation initiatives,” said Anthony Perridge, Vice President, International, ThreatQuotient. “There are several barriers preventing organizations from maximizing the benefit of automation, such as budget, prioritization issues, talent gaps, technology, trust concerns and more. At ThreatQuotient, we know that data driven automation can enable security operations teams to reliably trust the data and be confident in their decisions, which for many security professionals will be absolutely groundbreaking as they look to automate more use cases.”

Report Methodology

Leading security operations platform innovator, ThreatQuotient, commissioned a survey, undertaken by independent research organization, Opinion Matters, in May 2021. 250 UK senior cybersecurity professionals from companies employing 2000+ people from a range of industries took part including: Central Government, Defense, Critical National Infrastructure – Energy and Utilities, Retail, and the Financial Services Sector.

About ThreatQuotient:

ThreatQuotient improves security operations by fusing together disparate data sources, tools and teams to accelerate threat detection and response. ThreatQuotient’s data-driven security operations platform helps teams prioritize, automate and collaborate on security incidents; enables more focused decision making; and maximizes limited resources by integrating existing processes and technologies into a unified workspace. The result is reduced noise, clear priority threats, and the ability to automate processes with high fidelity data. ThreatQuotient’s industry leading data management, orchestration and automation capabilities support multiple use cases including incident response, threat hunting, spear phishing, alert triage and vulnerability prioritization, and can also serve as a threat intelligence platform. ThreatQuotient is headquartered in Northern Virginia with international operations based out of Europe and APAC.