Automation will improve security function, according to surveySecurity professionals reveal the reasons and concerns behind the adoption of automation and AI as security tools — the 2019 Ponemon Institute and DomainTools survey
Automation and AI are two technologies changing the security landscape.
But, there is cause for concern in adopting these two ‘silver bullets’.
IT security staffing: a problem
More than 1,400 security professionals based across the US, the UK and APAC provided answers on the impact that automation and artificial intelligence (AI) will have on the staffing of IT security functions.
All of the respondents, according to DomainTools, participate in attracting, hiring, promoting and retaining IT security personnel within their organisations.
The results clearly indicated a shortage of IT security staff across geographical regions, with 78% of all respondents admitting their teams are understaffed.
According to respondents, automation will provide a partial solution to the problem, relieving IT security professionals of time-consuming and non-cost-effective tasks, such as malware analysis, which is either already automated (50%), or is planned to become so in the next three years (56%).
Only 35% of respondents, however, think that automation will reduce the headcount of their IT security function: 40% even expect an increased need for hires with more advanced technical skills.
“Within just one year, the perspective around adoption of automated technologies has notably shifted among security professionals,” said Dr Larry Ponemon, chairman and founder of the Ponemon Institute.
“Contrary to the popular belief that the rise of automation will threaten the job market, organisations now feel these technologies will help ease the current strain on resources, and offer the potential to promote job security for highly skilled staff, while strengthening cyber security defences.”
IBM says automation is the next big step in cyber security
The UK, US and APAC
UK and US respondents were much more confident that automation will improve their IT security staff’s ability to do their job (59% and 65% of respondents, respectively) than APAC respondents (48%), who were also more likely to distrust AI as a security tool (37% of respondents, compared to 31% in the UK and 24% in the US).
Skills shortages also seemed to be lower in the APAC region (67%), compared to the UK (70%) and the US (78%), which perhaps partially explains the different level of reliance and trust on automation and AI across regions.
Of those respondents who said AI is trusted as a security tool in their organisations, the majority listed staff shortages as the main reason why their enterprise has adopted the solution (53%).
“The results of the survey reveal that, overall, security professionals are confident that automation will make their workload more manageable and will increase the accuracy of certain tasks, without jeopardising their job security”, said Corin Imai, senior security advisor at DomainTools.
“Although there are geographical differences in the level of confidence placed in AI and automation as security tools, the reasons that motivate their adoption – relieving overworked teams, preventing downtime and business disruptions, reducing threats created by operating in the global digital economy, etcetera — seem to be consistent across regions, suggesting that goals and expectations are aligned for organisations across the globe.”