53% of respondents said their organization does not have enough staff to monitor threats 24/7
The adoption of automation for IT security functions is on the rise across the US, UK and APAC, according to Poneman study.
Overall, the findings demonstrate an increase in confidence in job security, and meaningful benefits brought forth by automation, including improved efficiency and productivity among security staff. Still, complexities remain in addressing the skills gap as organizations increase their use of automation.
Figure 1: Key Benefits of Automation
Humans still required for IT Security automation?
Developments in automation tools for cybersecurity have directly influenced hiring and resource allocation among respondent organizations, two-thirds of which are global organizations with at least 1,000 employees.
According to the study, nearly half of respondents (46%) cite an inability to properly staff their IT functions with skilled personnel, and noted that the gap in advanced cyber skills has been a driver for increasing investment in cyber automation technologies.
Moreover, 73% of respondents based in the US revealed the IT security function is typically understaffed; 70% of respondents in the UK and 67% of APAC-based respondents share these sentiments.
In comparison to last year’s study, more respondents (65%) in the US now believe that human involvement in security is important in the age of automation, with 48% saying automation will increase the need to hire people with more advanced technical skills.
Figure 2: Reasons why organizations do not adopt automation
The report revealed 40% of teams typically spend 51-100 staff hours per day triaging and investigating alerts, and 19% spend more than 100 hours. Moreover, 53% of respondents said their organization does not have enough staff to monitor threats 24/7.
The findings also indicate that automation will improve teams’ abilities to prioritize threats and vulnerabilities, and increase the speed of analyzing them. This introduces new complexities around hiring needs, as a higher level of expertise is needed to leverage automation in an impactful way.
The majority of respondents indicated that the jobs most likely to be automated in the next three years are activities that require lower skill levels (e.g., log analysis, malware analysis, threat analysis), while higher tier work, such as attack simulation and threat hunting are not as widely expected to become fully automated.
Additional trends revealed in this year’s report include:
- 54% of respondents say reliance on legacy IT environments prevents the adoption of automation.
- 60% of respondents surveyed report automation will be used for threat hunting in the next few years.
- Most respondents (61%) do not think they will lose their jobs because of automation, with 51% citing its inability to replace human intuition and hands-on experience as the primary reason.
- AI is now a trusted part of security solutions for 70% of respondents. 43% say AI provides an additional layer of monitoring that they don’t currently have in place.