Automation, a challenge: Cybersecurity experts
70 per cent of respondents assert that automation is extremely important for a successful security posture
Juniper Networks has recently announced a new study, The Challenge of Building the Right Security Automation Architecture, conducted with the Ponemon Institute that found that although enterprises understand automat i o n is crucial to addressing the cybersecurity skills shortage and achieving a stronger security posture, the majority are experiencing challenges with determining how, when and where to automate.
By 2021, fighting cybercrime will cost businesses globally more than $ 6 trillion annually and there will be 3.5m unfilled security jobs, according to Cybersecurity Ventures. Echoing this issue, 57 per cent of survey respondents say they are unable to recruit the skilled personnel needed to deploy their security automation tools. As cybercriminals continue to automate attacks without being subject to the same regulations and compliance constraints, organisations are struggling with understaffed security teams, manual processes, disparate systems and complex policies that leave them buried in low- value tasks.
“The cybercrime landscape is incredibly vast, organised and automated – cybercriminals have deep pockets and no rules, so they set the bar,” said Amy James, Director of Portfolio Marketing at Networks. “Organisations need to level the playing field. You simply cannot have manual security solutions and expect to successfully battle cybercriminals, much less get ahead of their next moves. Automation is crucial.”
SECURITY AUTOMATION IS A
MUST: The growing threat landscape and security skills gap facing cybersecurity teams demand that implement automation for a stronger security posture. Respondents recognise this growing importance and how automation can improve productivity, address the growing volume of threats and reduce the rate of false positives. ◗
◗ The top two benefits of security automation are increased productivity of security personnel ( 64 per cent) and automated correlation of threat ◗ behaviour to address the volume of threats ( 60 per cent).
◗ 54 per cent respondents ◗ said these automation technologies simplify the process of detecting and responding to cyber threats and vulnerabilities.
VENDOR SPRAWL IS CREATING CHAOS
Today, security environments are more complex and cybercriminals are more determined than ever, yet organisations are utilising security solutions built on stand- alone security tools, resulting in vendor sprawl and ineffective security strategies. Organisations now recognise that the ability to integrate disparate security technologies is the main challenge to achieving an effective security automation architecture, according to 71 per cent of respondents.
57 per cent have interoperability issues among security technologies that diminish the effectiveness of automation technologies.
3 per cent say it is difficult to integrate security automation technologies with legacy systems.
59 per cent believe their organisation needs to streamline its number of vendors.
SKILLS SHORTAGE IS A
BARRIER
As a result of this vendor sprawl, security practitioners are finding themselves bogged down for nearly two hours each day processing alerts, events and logs to find a malicious activity, according to the study. This leaves them with limited manpower to implement critical automation technologies and results in diminishing security postures. On top of that, the market is dry when it c o m e s to security personnel.
◗ Only 35 per cent say their organisations currently have the in- house expertise to be effective using security automation to respond to malicious threats.
◗ 62 per cent say the lack of in- house expertise diminishes their organisation’s security posture.
◗ 57 per cent say they are unable to recruit knowledgeable personnel to deploy automation tools.