ThreatQuotient publishes 2023 State of Cybersecurity Automation Adoption research report

Survey results highlight the expanding importance of automation, a change in how cybersecurity professionals determine ROI, and how cybersecurity teams believe they can avoid burnout.

  • 11 months ago Posted in

ThreatQuotient has released the State of Cybersecurity Automation Adoption 2023. Based on survey results from 750 senior cybersecurity professionals at companies in the U.K., U.S. and Australia from a range of industries, this global research report examines the drivers and challenges for implementing cybersecurity automation in today’s enterprises. The third edition of this annual survey highlights how automation has become significantly more important compared to 2022 results.

Three quarters of respondents (75%) now say cybersecurity automation is important, up from 68% last year. Additionally, compared to last year, a higher percentage of respondents are automating key areas of their cybersecurity programme. The most notable use case increase is in alert triage, with 30% now using automation compared to 18% in 2022. There has also been a 5% rise in the use of automation for vulnerability management. Overall, phishing analysis is the most common use case for automation in 2023, adopted by 31% of respondents.

Key research findings also include:

• Every survey participant reported problems with cybersecurity automation: the top three challenges are lack of trust in outcomes, slow user adoption, and bad decisions such as incorrectly blocking benign domain names or innocent emails.

• Insufficient budget, growing regulatory and compliance challenges, and high team churn rates are the top three challenges facing cybersecurity teams.

• Employee satisfaction and retention has become the main metric for assessing cybersecurity automation ROI for more than 60% of leaders, outweighing other measures such as how well the solution is performing in security terms.

• Leaders believe cybersecurity team wellbeing would be improved by smarter tools that simplify work, greater flexibility over working hours and location, and increasing team headcount.

• Budget for automation projects is now less likely to be net new allocations – only 18.5% have new budget this year, a drop from 34% last year. 57% are allocating budget from outside the team, while 46% have increased it by allocating budget from other tools.

• Increasing efficiency is a main driver for cybersecurity automation for 41% of respondents, closely followed by regulation and compliance (38%) and increasing productivity (36.5%). Interestingly, maintaining cybersecurity standards dropped from joint first last year to fifth place this year.

• Integration with multiple data sources (24%), training availability (23%), and automated reporting (21%) top the wish list for organisations when choosing cybersecurity automation solutions.

“Implementing cybersecurity automation is a complex and multifaceted undertaking, as borne out by the last three years of our research,” said Leon Ward, Vice President, Product Management, ThreatQuotient. “While most surveyed organisations say cybersecurity automation is important to their business, there are signs of dissatisfaction, with all but one respondent saying they have encountered problems. That said, there are proven use cases for automation, and we believe the main barriers encountered are due to early adoption of solutions that didn’t deliver on their potential and had a lack of integration capabilities.”

On the topic of measuring the ROI of cybersecurity automation, Ward notes: “The shift in how businesses measure ROI is significant, indicating a change in what organisations view as the “point” of investing in cybersecurity automation – the prime motivation is to improve the experience of employees. By allowing automation to shoulder the burden of lower value, repetitive activities, and release analysts for more interesting and fulfilling work, companies can improve employee satisfaction, wellbeing, and reduce churn.”

Ward continues: “With ROI measured on the basis of team satisfaction and retention, vendors need to incorporate the human benefits of their solution into product design and messaging. There are several developments on the horizon that should respond to this need, including the introduction of AI (artificial intelligence) and greater rollout of low and no-code solutions.”  

Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform...
NTT DATA’s new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM...
SPG is enhancing its cybersecurity capabilities in a new partnership with Saviynt, a leading...
Graylog has unveiled significant security advancements to drive smarter, faster, and more...
Datadog has published its new report, the State of Cloud Security 2024. The report found that...
ISACA research shows automating threat detection/response and endpoint security are the most...
Strategic partnership unifies AI-native endpoint security and next-generation firewall protection...
Advanced forms of social engineering are on the rise, though obvious gaps like weak passwords are...