ThreatQuotient publishes 2023 State of Cybersecurity Automation Adoption research report

Survey results highlight the expanding importance of automation, a change in how cybersecurity professionals determine ROI, and how cybersecurity teams believe they can avoid burnout.

  • 5 months ago Posted in

ThreatQuotient has released the State of Cybersecurity Automation Adoption 2023. Based on survey results from 750 senior cybersecurity professionals at companies in the U.K., U.S. and Australia from a range of industries, this global research report examines the drivers and challenges for implementing cybersecurity automation in today’s enterprises. The third edition of this annual survey highlights how automation has become significantly more important compared to 2022 results.

Three quarters of respondents (75%) now say cybersecurity automation is important, up from 68% last year. Additionally, compared to last year, a higher percentage of respondents are automating key areas of their cybersecurity programme. The most notable use case increase is in alert triage, with 30% now using automation compared to 18% in 2022. There has also been a 5% rise in the use of automation for vulnerability management. Overall, phishing analysis is the most common use case for automation in 2023, adopted by 31% of respondents.

Key research findings also include:

• Every survey participant reported problems with cybersecurity automation: the top three challenges are lack of trust in outcomes, slow user adoption, and bad decisions such as incorrectly blocking benign domain names or innocent emails.

• Insufficient budget, growing regulatory and compliance challenges, and high team churn rates are the top three challenges facing cybersecurity teams.

• Employee satisfaction and retention has become the main metric for assessing cybersecurity automation ROI for more than 60% of leaders, outweighing other measures such as how well the solution is performing in security terms.

• Leaders believe cybersecurity team wellbeing would be improved by smarter tools that simplify work, greater flexibility over working hours and location, and increasing team headcount.

• Budget for automation projects is now less likely to be net new allocations – only 18.5% have new budget this year, a drop from 34% last year. 57% are allocating budget from outside the team, while 46% have increased it by allocating budget from other tools.

• Increasing efficiency is a main driver for cybersecurity automation for 41% of respondents, closely followed by regulation and compliance (38%) and increasing productivity (36.5%). Interestingly, maintaining cybersecurity standards dropped from joint first last year to fifth place this year.

• Integration with multiple data sources (24%), training availability (23%), and automated reporting (21%) top the wish list for organisations when choosing cybersecurity automation solutions.

“Implementing cybersecurity automation is a complex and multifaceted undertaking, as borne out by the last three years of our research,” said Leon Ward, Vice President, Product Management, ThreatQuotient. “While most surveyed organisations say cybersecurity automation is important to their business, there are signs of dissatisfaction, with all but one respondent saying they have encountered problems. That said, there are proven use cases for automation, and we believe the main barriers encountered are due to early adoption of solutions that didn’t deliver on their potential and had a lack of integration capabilities.”

On the topic of measuring the ROI of cybersecurity automation, Ward notes: “The shift in how businesses measure ROI is significant, indicating a change in what organisations view as the “point” of investing in cybersecurity automation – the prime motivation is to improve the experience of employees. By allowing automation to shoulder the burden of lower value, repetitive activities, and release analysts for more interesting and fulfilling work, companies can improve employee satisfaction, wellbeing, and reduce churn.”

Ward continues: “With ROI measured on the basis of team satisfaction and retention, vendors need to incorporate the human benefits of their solution into product design and messaging. There are several developments on the horizon that should respond to this need, including the introduction of AI (artificial intelligence) and greater rollout of low and no-code solutions.”  

XM Cyber has released the findings of its third annual research report, Navigating the Paths of...
In response to evolving cyber threats, Graylog has released Graylog Security 6.0 to help...
Extends the Dynatrace platform’s existing security capabilities to enable customers to drive...
Cato Networks has unveiled the findings of its inaugural Cato CTRL SASE Threat Report for Q1 2024....
Google Cloud enables CrowdStrike for Mandiant IR and MDR services.
Powered by Precision AI, copilots will supercharge security team productivity and improve security...
Report highlights how technological advancements breed stronger cloud threats as 91% express...
Zscaler has collaborated with Google on a joint zero trust architecture with Chrome Enterprise.