Do you think automation and AI/machine learning will help your organization close its internal skills gap? A recent study from the Ponemon Institute found otherwise — at least for now. According to the Ponemon Institute study (funded by security vendor DomainTools) also found that the cybersecurity professional skills shortage will increase as automation technologies increase.
The Staffing the IT Security Function in the Age of Automation” surveyed more than 600 U.S. security and IT professionals in different industries and found that the cybersecurity skills gap has increased by five percent since 2013.
As one might expect, 41 percent of organizations surveyed said that their organizations inability to adequately staff security positions has been a motivator to increase investment in automation. Interesting, the study found only 26 percent of organizations currently use automation tools as part of IT security. Perhaps less surprisingly, only 15 percent state that AI is a dependable and trusted security tool for their organization.
The number of organizations that have a challenging time finding qualified cybersecurity candidates is increasing, as well. This year, 25 percent of respondents say their organizations have no such challenge hiring those with the skills they need. That’s down considerably from 34 percent in 2013. The ability to keep qualified staff is also getting more challenging. In the current survey, only 28 percent said that they have no difficulty retaining qualified candidates compared to 42 percent in 2013. In total, 75 percent of organizations find themselves challenged finding and keeping the security staff they need.
Of course, many respondents believe that automation will enable their security staff to focus on more pressing issues. A full 60 percent of respondents in organizations that will deploy automation believe it will improve their IT security staffs’ ability to do their jobs. Automation will enable them to focus on more serious vulnerabilities and overall network security, 68 percent of respondents say. Others, or 44 percent, say that automation will help streamline security staff efforts, enabling them to be more productive as time-intensive process get automated.
Other findings in the report include 63 percent of respondents saying human involvement in security is important in the age of automation, while only 23 percent of respondents say automation will reduce the headcount of their IT security function.
While 85 percent of respondents don’t thing AI/machine learning is a dependable and trusted security tool today, a 23 percent think it will be within a year to two years and another third, or 33 percent believe that it will be more than two years out when that happens. That leaves 71 percent believing that AI is, or soon will be, a dependable and trusted security tool. Interesting, 29 percent do not believe AI will ever be a trusted and dependable security tool.
“One of the biggest barriers to a strong security posture is attracting and retaining the right people that can deal with complex and serious internal and external threats to the organization,” said Larry Ponemon, chairman and founder of the Ponemon Institute. “This research reveals that despite the adoption of advanced and automated tools, the skills gap has increased, leaving organizations more vulnerable than ever before.”
I agree, and I think over the long haul those organizations that learn how to embrace automation will find themselves having better success with their security programs. I think this has been true for some time, as I wrote almost four years ago in Continuous Security Monitoring in a Continuous World In today’s highly virtualized environments, where continuous integration and deployment are the norm — it’s just impossible to manually ensure that both security and regulatory compliance controls are adequate.
And with virtualized workloads, apps, and the supporting infrastructure being persistently updated, your enterprise needs automated and constant security checks to be ran in parallel. Gone are the days of running monthly security and regulatory compliance assessments. As continuous integration and deployment pipelines rapidly become the norm, rather than the exception, a fundamental shift in the way enterprises view security is essential.
This is truer now than it was then, and it was quite true at the time I wrote it. With increased adoption of containers and microservices, security automation is absolutely essential.
To have a look at the full Ponemon report on security and automation, you can download it here.