The CISO View: Navigating the Promise and Pitfalls of Cybersecurity Automation

Leon Ward

Cybersecurity automation has steadily gained traction as organizations seek to improve efficiency, address talent gaps, and keep up with escalating threats. However, our latest State of Cybersecurity Automation research shows that while more businesses are utilizing automation, they continue to grapple with obstacles that prevent them from fully capitalizing on its benefits.

In our recent study surveying over 700 cybersecurity professionals, we uncovered several persistent pain points in implementing automation. The research found that a lack of trust in automated outcomes, insufficient expertise among users, and poor communication between teams have hampered automation success. As a result, organisations are struggling to build confidence in automation and maximise its effectiveness.

Lack of Trust Undermines Confidence in Automation

The research revealed ubiquitous struggles with implementing cybersecurity automation, with 100% of respondents reporting problems. The top issues undermining confidence in outcomes were lack of trust (31%), slow user adoption (30%), and bad decisions (29%).

Results from State of Cybersecurity Automation Adoption Research Report on lack of trust in automation

Respondent Results: Trust in cybersecurity automation.

However, when we drill down, CISOs differ from other leaders regarding specific challenges. 40% cite “bad decisions” as a top concern, versus 29% overall. With ultimate cyber risk accountability, CISOs feel the impact of poor automation outcomes.

Automated actions like incorrectly blocking legitimate email/domains appear suspicious but negatively impact business. These errors erode user trust that automation improves security and organizations become hesitant to rely on it.

For example, an automated system may erroneously block access to a legitimate business domain that some vendors use for email communication. Employees suddenly find themselves unable to communicate with key partners, and business operations grind to a halt. This not only negatively impacts revenue but destroys end user trust in the value and accuracy of automated security systems. Organisations then become extremely hesitant to rely on automation out of fear of these business-disrupting outcomes.

Without confidence in reliable automated outcomes, businesses will not entrust critical security processes to them. This 31% reporting lack of trust is a major obstacle preventing full realization of automation benefits. Overcoming this requires solutions that provide transparency into automated decisions.

Skill Shortages Compound Adoption Difficulties

Insufficient expertise among security team members makes implementing automation effectively challenging. Limited skills lead to misconfigurations, integration issues, and other problems. These glitches reinforce the 31% lack of trust in outcomes. When automation fails unpredictably due to suboptimal implementation, organizations cannot reap its advantages.

With the cybersecurity skills gap still growing, and 25% of CISOs reporting the skills shortage as their biggest challenge, businesses often lack personnel to adeptly deploy and manage automation tools. 23% of respondents sought training availability when selecting solutions, key for adoption success, and it is clear that skills development should be a key area of focus for organizations to capitalize on automation potential.

CISOs point to organizational issues exacerbating challenges. 25% cited high team turnover as their number one concern, disrupting expertise continuity and skills to smoothly implement automation. 

Achieving Lasting Buy-In Requires Clear Communication

The research revealed disconnects between roles on automation perspectives. 42% of CISOs cited efficiency as the top driver to adopt automation, while for SOC leads and MSSPs, regulatory compliance was prime.

These mixed viewpoints signify a lack of alignment on automation goals and direction. CISOs must bridge gaps through improved communication of automation plans and benefits. Setting clear objectives, educating all team members, and demonstrating tangible gains are critical for lasting buy-in.

When one specialised team implements automation in a vacuum, broader adoption lags. But inclusive messaging of how automation helps every role work smarter fosters shared buy-in.

Continuous engagement with stakeholders is also vital. Leaders must showcase automation enhancing efficiency, compliance, productivity, or other goals important to each executive. 

With disjointed perspectives on its value and role, automation struggles for foothold. Consistent, compelling communication of advantages enables robust, organisation-wide backing of initiatives.

Smarter Tools and Processes Are Key to Overcoming Obstacles

The 2023 research makes clear that implementing cybersecurity automation still faces hurdles, with 100% of respondents reporting issues. However, smarter tools and workflows can help organizations overcome these challenges to realize automation’s potential.

One key need is for automation tools that provide transparency and guardrails, fostering user trust. Intuitive interfaces also enable easier adoption by users at all skill levels, mitigating the skills shortage cited by 23% as a top challenge.

Standardizing processes around automation provides consistency needed to maximize benefits. Workflows like automated triage avoid the ad hoc approaches causing fragmented gains.

Integrations between tools create seamless data flows and unified workflows rather than disjointed toolsets. 24% want integration with multiple data sources when selecting automation solutions.

Implementing automation without addressing trust, usability, training, integration, and standardized processes invites disappointment. The research makes clear these smarter tools and workflows offer a path to overcoming obstacles and automation success.

Automation challenges can be overcome

This exploration of the current cybersecurity automation landscape reveals persistent challenges that hamper organizations from realizing its full advantages. Core problem areas include deficient trust in outcomes, skill shortages among staff, and internal disconnects about automation’s role and value.

By taking concerted action to increase confidence via transparency, boost team expertise through training, and align understanding of automation’s benefits via consistent leadership messaging, CISOs can overcome these hurdles.

With thoughtful adoption strategies, secure design principles, and inclusive change management, organizations can tap into automation’s immense power to enhance security in the face of growing threats. Through a combination of smarter tools, educated users, and clear communication, cybersecurity teams can achieve new heights of efficiency and effectiveness through automation.

However, achieving automation’s full potential is not a one-and-done effort. It requires an ongoing commitment to iteration and optimisation as technologies, threats, and business needs evolve. Regular evaluation of processes and tuning of systems helps sustain peak performance over time.

Leaders must also continually assess the human side of the equation. Check-ins with staff at all levels provide valuable insights to shape training programmes, change management tactics, and internal messaging in a way that maintains strong buy-in across the organisation. With personnel empowered and aligned around shared automation goals, organizations can nimbly adapt their approaches to maximize value.

0 Comments

Blog Archive

About ThreatQuotient™

ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ™, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration.
LEARN MORE
Share This