Today we released the findings of our latest survey which examines The State of Automation in Security. Currently, only 15% of our survey respondents said that their security processes were highly automated; 52% had some automation in place but felt it was not enough; and 33% said they had little to no automation. That’s not great…especially in light of the impact:
Therefore, not entirely surprisingly we found that 83% of organizations want the use of automation to manage security processes to increase over the next 3 years. Why’s that?
On the other hand we discovered that concerns about accuracy, the knowledge and resources required to deploy these tools, and difficulty driving organizational changes, are holding these companies back. Interestingly CIOs expressed concerns about the lack of automation tools (more about that later) and business disruption as their reasons for not fully embracing automation yet.
The survey’s findings are clear: with many companies now undertaking business transformation initiatives such as migrations to the cloud, or to software defined data centers (SDDC) in order to achieve greater agility and efficiency, there’s now, more than ever, a need to automate security processes.
Yet today, security processes are still largely manual. Skilled IT staff engineers are spending their valuable time manually maintaining existing systems, processing countless security alerts, and making device configuration changes. These manual security processes are creating a bottleneck for the organization – which not only impacts business agility, but also exposes it to security risks and hampers the organization’s ability to fight cyber attacks. Automation can replace much of this ‘grunt’ work and ensure that changes and updates don’t introduce errors.
But if the full benefits of automation are to be realized there first needs to be better communication between those handling the day-to-day IT network and security operations and their senior management. The survey revealed that while the C-level executives do get the value of automation, they don’t fully comprehend the daily challenges faced by their staff and they aren’t sufficiently educated about the specific automation tools available to address them. So there needs to be better communication between those doing the work and their senior management to get everyone on the same page about the value, benefits and capabilities as well as the limitations of automation. Once that happens, automation should be a top-down initiative in order to alleviate concerns surrounding accuracy, organizational processes and business disruption.
At the end of the day, it’s clear that automation of security processes is no longer a nice to have it’s a necessity, recognized by most organizations, in order manage security at the speed of business. To see the full infographic and/or dig deeper into the survey results, click here.
Receive notifications of new posts by email.