Back in 1995, in the early days of the world wide web, I had an amazing assignment to help understand the impact of “the internet” on a massive electronics company. My team and I sat down and came up with predictions.
When I flip through that report now, I realize that we were right about 90% of the things that happened, but wrong on 100% of the timelines. I wrote, “The majority of books will be sold online within 5 years.” It took 15. “Big retail will lose share to online markets within 10 years.” Again, it took much longer.
Much like me in 1995, the tech world tends to accurately predict seismic shifts in how we interact with technology, but grossly overestimate how quickly they will happen.
For years, we’ve heard that AI will change the world as we know it. Hell, in 2018 I helped IBM introduce Watson for Cyber, which felt like a significant start. But we weren’t quite at the tipping point. While we all suspected it eventually would happen, nobody knew when. Well, after years of speculation and many poorly-timed predictions, we’ve finally reached the turning point. AI has officially infiltrated our lives.
As an industry veteran and current CEO of a cybersecurity company, it’s my job to figure out what these new technologies mean for organizations, and how they can be harnessed to stay ahead of the curve. Naturally, AI and automation have been my primary focus for the past several years.
I can confidently say that automation is no longer just the future of cybersecurity, it’s the present. Waves of business leaders are investing their time, money, and resources into adopting these technologies. According to a new study from Wakefield Research, 80% of organizations indicated that they plan to increase investments in cybersecurity automation in the coming year, with the majority expecting a significant 6-10% increase. Even in the wake of widespread economic uncertainty.
Here’s why they’re betting on automation.
Automation closes talent gaps, eases burnout
It’s no secret that we’re facing a critical cybersecurity talent shortage. And despite persistent outcry from security leaders and experts, it’s only getting worse.
Talent shortages have even made their way into the national spotlight with the White House’s highly-anticipated National Cybersecurity Strategy, where strengthening the cyber workforce was outlined as a key priority.
The lack of cybersecurity professionals presents obvious security concerns, as understaffed security operations centers (SOC) are especially vulnerable to attacks. But what’s often overlooked is how it negatively impacts the existing security professionals, and what that means for organizations. Security professionals can feel the effects of staffing shortages first-hand, as they battle to keep up with ever-expanding attack surfaces and rapidly evolving threats. They are unrealistically expected to “do more with less,” making them susceptible to high levels of burnout and turnover.
For understaffed SOCs and stressed-out security professionals, adopting automation offers a realistic path forward. While we might assume that security practitioners are fearful about what automation means for their job security, that’s not the case. In fact, they are welcoming automation and AI with open arms.
A recent survey of 200 IT security professionals showed that 100% of respondents agree that increasing automation in the security operations center (SOC) would be helpful to fill staffing gaps in their teams. Specifically, they found that automation was most helpful for completing tasks related to incident analysis (54%), landscape analysis of applications and data sources (54%), and threat detection and response (53%).
The common thread among these findings is that automation helps analysts minimize redundant, time-consuming tasks that keep them from focusing on threats that matter.
Cybersecurity resilience equals business resilience
At the leadership level, cybersecurity is better understood and more highly prioritized than ever before. 91% of business leaders believe there will be a catastrophic cyber event in the next two years, and 88% of board members classify cybersecurity as a business risk vs. technology risk alone.
We’ve seen devastating data breaches and ransomware attacks dominate headlines, damage reputations, and put countless individuals at risk. As such, building and maintaining a bulletproof security posture is bigger than an IT problem, it’s a mission-critical problem that dictates overall business health. Organizations can no longer afford slip-ups or oversights.
Despite mass layoffs, budget cuts, funding shortages, and fears of recession creeping into all sectors of the economy, organizations are still prioritizing their investments in bulking up cybersecurity defenses. The question is, where are they allocating the money?
They’re investing in cybersecurity automation.
And for good reason — 100% of security professionals reported that using AI in cybersecurity resulted in positive business impacts, including reduced downtime, increased revenue, lower costs associated with hiring and training new employees and more efficient security processes.
No human being can keep up with the sheer volumes of data and alerts that flood the SOC on a daily basis. Relying on people, especially understaffed teams, to protect organizations from cyberattacks is not enough.
When it comes to cybersecurity, time is of the essence. The longer it takes to remediate threats, the more costly an attack becomes. Seconds can mean the difference between millions of dollars in damage and exposing sensitive customer information. Adopting automation is the only guarantee that businesses can detect and respond to threats in real time, resolving them before they even become a problem.
If you don’t believe me yet, IDC predicts that by 2026, 20% of large enterprise organizations will migrate to autonomous security operations centers accessed by distributed teams for faster remediation, incident management, and response.
Now is the time to get ahead of the curve, and invest in an automated future. Your organization depends on it.