The Cybersecurity Automation Paradox

Recent studies show that before automation can reduce the burden on understaffed cybersecurity teams, they need to bring in enough automation skills to run the tools.

Cybersecurity organizations face a chicken-and-egg conundrum when it comes to automation and the security skills gap. Automated systems stand to reduce many of the burdens weighing on understaffed security teams that struggle to recruit enough skilled workers. But at the same time, security teams find that a lack of automation expertise keeps them from getting the most out of cybersecurity automation.
A new study out this week from Ponemon Institute on behalf of DomainTools shows that most organizations today are placing bets on security automation. Approximately 79% of respondents either use automation currently or plan to do so in the near-term future.
For many, automation investments are justified to management as a way to beat back the effects of the cybersecurity skills gap that some industry pundits say has created a 3 million person shortfall in the industry. Close to half of the respondents to Ponemons study report that the inability to properly staff skilled security personnel has increased their organizations investments in cybersecurity automation.
Nevertheless, the fact remains that automation isnt magical. It takes boots on the ground to roll out cybersecurity automation and true expertise at the helm of these tools to reap significant security benefits from them over the long haul. Ponemons
study
shows that 56% of organizations report a lack of in-house expertise is one of the biggest challenges impeding adoption of security automation. In fact, it was the No. 1 obstacle, named more frequently than legacy IT challenges, lack of budget, and interoperability issues.
Sentiments are relatively evenly split between those who think automation will cause a net increase, net decrease, or have no effect on headcount over time. However, those who think itll mean hiring more staff still have the plurality on that count — 40% of respondents say theyll need to hire more people to support security automation.
In another
report
released by SANS Institute on security automation, SANS analyst Barbara Filkins warns that organizations must fight the misconception that automation is easy or quick to implement.
Automation takes a tremendous amount of effort to arrive at the point where it makes things look easy, Filkins writes. Dont underestimate the resources needed to define the processes — in the light of more effective tools — and close the semantic gaps in the data gathered.
That study shows while automation is on the uptick at most organizations, only a scant 5.1% are at a high level of maturity with extensive automation of key security processes.
Part of the difficulty in assessing or measuring the level of automation maturity and its effect on the security industry is that experiences vary wildly. A huge chasm between the haves and have-nots of cybersecurity automation currently exists in the industry,
explains Gartners Anton Chuvakin
. On one end, he says, there are plenty of organizations that dont even have the resources to run security automation, let alone effectively operationalize it.
They do not have the people to install a tool and to keep it running. Ive met people who say they dont have time to install and configure a basic log management tool, Chuvakin writes. On the other edge of the chasm, we have organizations with resources to WRITE tools superior to many/most commercial tools.
This chasm may impact the staffing equation to some degree, as more than likely it will precipitate the creation of more quality service providers to fill the gap in expertise for those organizations that simply do not have the staff to add more layers of complicated automation tools.
Related Content:
DNS Hijacking Campaign Targets Organizations Globally
New Hacker Group Behind DNSpionage Attacks in Middle East
Iranian Hacker Group Waging Widespread Espionage Campaign in Middle East
6 Reasons to Be Wary of Encryption in Your Enterprise

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industrys most knowledgeable IT security experts. Check out the
Interop agenda
here.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
The Cybersecurity Automation Paradox