Skip to main content

Automation becoming the new norm for cybersecurity

(Image credit: Image source: Shutterstock/Vasin Lee)

A new global survey from Skybox Security has revealed that while companies are using more automation in cybersecurity, they still have a great deal more to do as AI and machine learning are still in their nascent stages.

The survey, titled Understanding Security Processes and the Need to Automate (opens in new tab), includes responses from 465 senior security leaders at large enterprises in the US, EMEA and APAC regions with questions focused on workflows in firewall, security policy management and vulnerability management.

According to the results of Skybox's survey, APAC is ahead of the US and EMEA in terms of automation for processes involved in the management and firewall rules and security policy while the automation of these processes is the least common in EMEA. The survey also highlighted how AI and machine learning are still in the early stages with just four per cent of respondents in EMEA using AI/ML in production compared to nine per cent in the US and 27 per cent in APAC.

Organisations worldwide are continuing to struggle with network security management as networks grow more complex and larger. Surprisingly, most businesses are only partially automating workflows and processes to help  overcome these challenges. However, respondents said they do see the value in automation and plan to automate more in the future.

Director of Product Marketing at Skybox Security, Sean Keef provided further insight into the results of the survey, saying:

“The good news: security leaders have started on their automation journey. However, the results of this survey show us that many companies have a long way to go. It seems security leaders are still trying to understand where they’re going to get the most value out of automation, while also ensuring they’re not putting the organization at risk. There are many areas, however, where it is absolutely essential to implement automation — and, in fact, where the automation reduces risk. For example, collecting/gathering data for attack surface visibility and modeling, network change management and rule life cycle management. Networks are simply becoming too large and complex to manage manually. If you’re not already working with a vendor in these areas, you should start looking for one.” 

Image Credit: Vasin Lee / Shutterstock

After getting his start at ITProPortal and then working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches to how to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.