New 2023 State of Cybersecurity Automation research reveals that while adoption is rising, lingering hurdles undermine its effectiveness.
Cybersecurity automation has steadily gained traction as organisations seek to improve efficiency, address talent gaps, and keep up with escalating threats. However, our latest State of Cybersecurity Automation research shows that while more businesses are utilising automation, they continue to grapple with obstacles that prevent them from fully capitalising on its benefits.
Our recent study surveying over 700 cybersecurity professionals uncovered several persistent pain points in implementing automation. The research found that a lack of trust in automated outcomes, insufficient expertise among users, and poor communication between teams have hampered automation success. As a result, organisations struggle to build confidence in automation and maximise its effectiveness.
Lack of Trust Undermines Confidence in Automation
The research revealed ubiquitous struggles with implementing cybersecurity automation, with 100% of respondents reporting problems. The top issues undermining confidence in outcomes were lack of trust (31%), slow user adoption (30%), and bad decisions (29%).
However, when we drill down, CISOs differ from other leaders regarding specific challenges. 40% cite “bad decisions” as a top concern versus 29% overall. With ultimate cyber risk accountability, CISOs feel the impact of poor automation outcomes.
Automated actions like incorrectly blocking legitimate emails/domains appear suspicious but negatively impact business. These errors erode user trust that automation improves security, and organisations become hesitant to rely on it.
For example, an automated system may erroneously block access to a legitimate business domain that some vendors use for email communication. Employees suddenly find themselves unable to communicate with key partners, and business operations grind to a halt. It negatively impacts revenue and destroys end-user trust in the value and accuracy of automated security systems. Organisations then become extremely hesitant to rely on automation out of fear of these business-disrupting outcomes.
Without confidence in reliable automated outcomes, businesses will not entrust critical security processes to them. The 31% reporting a lack of trust is a major obstacle preventing full realisation of automation benefits. Overcoming this requires solutions that provide transparency into automated decisions.
Skill Shortages Compound Adoption Difficulties
Insufficient expertise among security team members makes implementing automation effectively challenging. Limited skills lead to misconfigurations, integration issues, and other problems. These glitches reinforce the 31% lack of trust in outcomes. When automation fails unpredictably due to suboptimal implementation, organisations cannot reap its advantages.
With the cybersecurity skills gap still growing, and 25% of CISOs reporting the skills shortage as their biggest challenge, businesses often lack personnel to adeptly deploy and manage automation tools. 23% of respondents sought training availability when selecting solutions, which is key for adoption success, and it is clear that skills development should be a key area of focus for organisations to capitalise on automation potential.
CISOs point to organisational issues exacerbating challenges. 25% cited high team turnover as their primary concern, disrupting expertise continuity and skills to implement automation smoothly.
Achieving Lasting Buy-In Requires Clear Communication
The research revealed disconnects between roles on automation perspectives. 42% of CISOs cited efficiency as the top driver to adopt automation. SOC leads and MSSPs see regulatory compliance as a prime factor.
These mixed viewpoints signify a lack of alignment on automation goals and direction. CISOs must bridge gaps through improved communication of automation plans and benefits. Setting clear objectives, educating all team members, and demonstrating tangible gains are critical for lasting buy-in.
When one specialised team implements automation in a vacuum, broader adoption lags. But inclusive messaging of how automation helps every role work smarter fosters shared buy-in.
Continuous engagement with stakeholders is also vital. Leaders must showcase automation enhancing efficiency, compliance, productivity, or other goals important to each executive.
With disjointed perspectives on its value and role, automation struggles for a foothold. Consistent, compelling communication of advantages enables robust, organisation-wide backing of initiatives.
Smarter Tools and Processes Are Key to Overcoming Obstacles
The 2023 research makes clear that implementing cybersecurity automation still faces hurdles, with 100% of respondents reporting issues. However, smarter tools and workflows can help organisations overcome these challenges to realise automation’s potential.
One key need is for automation tools that provide transparency and guardrails, fostering user trust. Intuitive interfaces also enable easier adoption by users at all skill levels, mitigating the skills shortage cited by 23% as a top challenge.
Standardising processes around automation provides the consistency needed to maximise benefits. Workflows like automated triage avoid the ad hoc approaches causing fragmented gains.
Integrations between tools create seamless data flows and unified workflows rather than disjointed toolsets. 24% want integration with multiple data sources when selecting automation solutions.
Implementing automation without addressing trust, usability, training, integration, and standardised processes invites disappointment. The research makes clear that these smarter tools and workflows offer a path to overcoming obstacles and automation success.
Automation challenges can be overcome
This exploration of the current cybersecurity automation landscape reveals persistent challenges that hamper organisations from realising their full advantages. Core problem areas include deficient trust in outcomes, skill shortages among staff, and internal disconnects about automation’s role and value.
By taking concerted action to increase confidence via transparency, boost team expertise through training, and align understanding of automation’s benefits via consistent leadership messaging, CISOs can overcome these hurdles.
With thoughtful adoption strategies, secure design principles, and inclusive change management, organisations can tap into automation’s immense power to enhance security in the face of growing threats. Smarter tools, educated users, and clear communication allow cybersecurity teams to achieve new heights of efficiency and effectiveness through automation.
However, achieving automation’s full potential is not a one-and-done effort. It requires an ongoing commitment to iteration and optimisation as technologies, threats, and business needs evolve. Regular evaluation of processes and tuning of systems helps sustain peak performance over time.
Leaders must also continually assess the human side of the equation. Check-ins with staff at all levels provide valuable insights to shape training programmes, change management tactics, and internal messaging in a way that maintains strong buy-in across the organisation. With personnel empowered and aligned around shared automation goals, organisations can nimbly adapt their approaches to maximise value.
ThreatQuotient’s mission is to improve the efficiency and effectiveness of security operations through a threat-centric platform. By integrating an organisation’s existing processes and technologies into a single security architecture, ThreatQuotient accelerates and simplifies investigations and collaboration within and across teams and tools. Through automation, prioritisation and visualisation, ThreatQuotient’s solutions reduce noise and highlight top priority threats to provide greater focus and