Despite high levels of automation within cybersecurity across a range of different verticals, almost half lack trust in the outcomes that automation can provide.
According to a ThreatQuotient report, titled State of Cybersecurity Automation Adoption in 2021, 95% of UK senior cybersecurity professionals in large organisations have used automation, and 98% plan to use more (of these, 5% will use automation for the first time). However, only 77% of respondents believe that automation is important, suggesting that many are simply adopting automation because it is expected.
According to survey respondents, 34% adopt automation to improve or maintain security standards, and 31% say it is to improve both efficiency and productivity.
Half of the survey respondents automate threat intelligence processing, 44% automate vulnerability management, and 39% automate password resets. Organisations are also likely to use automation for threat intelligence, the report notes.
The more problematic side of automation comes at the implementation phase, where 92% of respondents say that have hit problems.
Furthermore, respondents also doubt the accuracy of automated threat detection and the damages this could cause if it is not done correctly.
Other barriers include budgets, prioritisation, skills gaps, technology, trust, and the risk of automating the wrong parts of cybersecurity. Of note, 45% of respondents believe that a lack of skill is the problem and 41% lack trust in automation adoption outcomes.
The report notes, “It would seem from these responses that organisations that have automation capabilities built into technologies such as SIEMs, endpoint detection - response and security automation - orchestration solutions appear not to trust these to automate much beyond basic tasks such as sending out notifications or running a threat intelligence query.
The report also examines responses from five verticals: central government, defence, critical national infrastructure - energy and utilities, retail, and financial services.
Of the five verticals, respondents in the retail vertical believe that IT automation is very important (36%), while only 14% of those in the critical national infrastructure - energy and utilities vertical think it is important.
Respondents in the financial services vertical are keenly aware of regulation and compliance issues, while productivity is also a major driver for 46% of those in the vertical.
In the defence vertical, respondents are also enthusiastic about increasing productivity through cybersecurity automation, with 60% of respondents citing it as the main driver.
Those in the government vertical also consider productivity increases as the main driver for automation, but successful automation depends on having well-defined manual processes.