Scarcity of Security Pros Advances Automation
-
Scarcity of Security Pros Advances Automation
Organizations are turning to security automation to cope with a shortage of qualified security professionals and heavy reliance on manual security. -
Incident Response Capabilities
98% of the IT professionals surveyed said they are challenged by incident response capabilities, and 71% claim that IR has become more difficult during the past two years. -
Top Three IR Challenges
Monitoring processes from end to end: 47%, Keeping up with the volume of threat intelligence: 46%, Keeping up with the volume of security alerts: 43% -
Security Skills Gap
The security skills gap, combined with heavy reliance on manual resources, exacerbates IR challenges. 91% of respondents said IR efficiency and effectiveness are limited by the staff time and effort required of manual processes. -
Need More Security Staff
91% of respondents are actively trying to increase the size of their IR staff. -
Turning to Automation and Orchestration
62% of the respondents have already taken action to automate and/or orchestrate IR processes. Another 35% are either engaged in a project or plan to initiate one within 18 months. -
Initiatives Are Just Beginning
The shift to automated and orchestrated IR is just beginning. Only 32% of respondents categorize their initiatives as at a mature stage. -
Reasons to Move to IR Automation/Orchestration
Automating data collection: 50%, Reducing human error: 49%, Improving ability to triage incidents: 47% -
Plans For IR Spending
91% of respondents said their organization's spending on IR will increase over the next two years, and 40% said spending will increase significantly. -
Plans for Process Alignment
50% plan to improve the alignment of IR and IT governance processes; 43% expect to test their IR processes more often; and 38% plan to hire more incident response personnel. -
Recommendations
Start small by setting realistic short-and long-term goals. Define metrics, measure progress and make corrections along the way. Push for increased collaboration between CIOs and IT operations managers. Focus less on resource volume and more on technology integration. Look to vendors for automation, while optimizing internal IR resources.
A shortage of qualified cyber-security professionals and heavy reliance on manual security are driving companies to use automation to respond to security incidents, according to a survey sponsored by security and automation firm Hexadite. The Enterprise Strategy Group (ESG), which conducted the research, surveyed 100 IT professionals in North America who have knowledge or responsibility for their organization's incident response (IR) program. "Nearly every organization admits to challenges in the way they currently handle incident response, forcing them to look for other options," said Jon Oltsik, senior principal analyst at ESG. "Big changes are coming. Based on input from practitioners in the field, it's clear that organizations see the value of IR automation and orchestration, and we're just at the beginning of this trend." The research shows that 91 percent of respondents believe IR efficiency and effectiveness are limited by the time and effort of manual processes. Further, it found that 97 percent of organizations have either already taken steps to automate and/or orchestrate IR processes, or plan to do so within the next 18 months. Here's a look at some of the key findings from the survey.