Scarcity of Security Pros Advances Automation
Scarcity of Security Pros Advances Automation
Organizations are turning to security automation to cope with a shortage of qualified security professionals and heavy reliance on manual security.
Incident Response Capabilities
98% of the IT professionals surveyed said they are challenged by incident response capabilities, and 71% claim that IR has become more difficult during the past two years.
Top Three IR Challenges
Monitoring processes from end to end: 47%, Keeping up with the volume of threat intelligence: 46%, Keeping up with the volume of security alerts: 43%
Security Skills Gap
The security skills gap, combined with heavy reliance on manual resources, exacerbates IR challenges. 91% of respondents said IR efficiency and effectiveness are limited by the staff time and effort required of manual processes.
Need More Security Staff
91% of respondents are actively trying to increase the size of their IR staff.
Turning to Automation and Orchestration
62% of the respondents have already taken action to automate and/or orchestrate IR processes. Another 35% are either engaged in a project or plan to initiate one within 18 months.
Initiatives Are Just Beginning
The shift to automated and orchestrated IR is just beginning. Only 32% of respondents categorize their initiatives as at a mature stage.
Reasons to Move to IR Automation/Orchestration
Automating data collection: 50%, Reducing human error: 49%, Improving ability to triage incidents: 47%
Plans For IR Spending
91% of respondents said their organization’s spending on IR will increase over the next two years, and 40% said spending will increase significantly.
Plans for Process Alignment
50% plan to improve the alignment of IR and IT governance processes; 43% expect to test their IR processes more often; and 38% plan to hire more incident response personnel.
Recommendations
Start small by setting realistic short-and long-term goals. Define metrics, measure progress and make corrections along the way. Push for increased collaboration between CIOs and IT operations managers. Focus less on resource volume and more on technology integration. Look to vendors for automation, while optimizing internal IR resources.
