Skills shortages and vendor sprawl holding up security automation
Juniper Networks and Ponemon study shows enterprises struggle to automate security
Enterprises appreciate the potential of automation in cybersecurity, but are struggling with implementation, according to a report from Juniper Networks and the Ponemon Institute.
The survey of 1,859 IT and IT security practitioners from Europe and the US found that while 70% believe automation is crucial to addressing the cybersecurity skills shortage and achieving a stronger security posture, more than half face issues in deployment.
By 2021, fighting cybercrime will cost businesses globally more than $6 trillion annually and there will be 3.5 million unfilled security jobs, according to Cybersecurity Ventures. Echoing this issue, 57% of survey respondents say they are unable to recruit the skilled personnel needed to deploy their security automation tools. As cybercriminals continue to automate attacks without being subject to the same regulations and compliance constraints, organisations are struggling with understaffed security teams, manual processes, disparate systems and complex policies that leave them buried in low value tasks.
"The cybercrime landscape is incredibly vast, organized and automated - cybercriminals have deep pockets and no rules, so they set the bar," said Amy James, Director of Security Portfolio Marketing at Juniper Networks. "Organisations need to level the playing field. You simply cannot have manual security solutions and expect to successfully battle cybercriminals, much less get ahead of their next moves. Automation is crucial."
The top two benefits of security automation, according to respondents, are increased productivity of security personnel (64%) and automated correlation of threat behavior to address the volume of threats (60%). Fifty-four percent of respondents say these automation technologies simplify the process of detecting and responding to cyber threats and vulnerabilities.
Among the challenges facing IT departments in implementing more automation are disparate security environments, made up of standalone security tools, which make integration a challenge, according to 71% of respondents.
Fifty-seven percent have interoperability issues among security technologies that diminish the effectiveness of automation technologies, 63% say it is difficult to integrate security automation technologies and tools with legacy systems, and 59% believe their organisation needs to streamline its number of vendors.
As a result of this vendor sprawl, security practitioners are finding themselves bogged down for nearly two hours each day processing alerts, events and logs to find malicious activity, according to the study. This leaves them with limited manpower to implement critical automation technologies and results in diminishing security postures. On top of that, the market is dry when it comes to skilled security personnel.
Only 35% say their organisations currently have the in-house expertise to be effective in using security automation to respond to malicious threats; 62% say the lack of in-house expertise diminishes their organisation's security posture and 57% percent say they are unable to recruit knowledgeable or skilled personnel to deploy their security automation tools.