According to recent survey findings, cybersecurity automation has emerged as a crucial component in the defensive strategies of cybersecurity professionals, with organizations expressing a desire for nuanced, tailor-made automation solutions and threat intelligence that facilitate collaborative efforts.
ASHBURN, VA. USA – November 19, 2024 – ThreatQuotient™, a pioneering innovator in threat intelligence platforms, has unveiled the findings of its latest report, “Evolution of Cybersecurity Automation Adoption 2024.” This comprehensive study surveyed 750 senior cybersecurity experts from various industries across the U.K., U.S., and Australia, providing insights into the advancements in automation adoption among these professionals and the significant challenges they encounter. The report’s fourth iteration demonstrates the ongoing evolution of automation within an ever-changing landscape, underscoring its role in fostering resilience, scalability, and collaborative strategies. Key areas explored include integration tactics, the dichotomy between single-vendor and best-of-breed approaches, AI incorporation, and the vital practice of sharing cyber threat intelligence.
Key research findings also include:
- Key use cases: Notably, incident response has emerged as the predominant use case for automation, identified by 32% of respondents, demonstrating a steady upward trajectory throughout the survey’s history. Close behind are phishing analysis and threat hunting, both at 30%, indicating their growing significance in cybersecurity practices.
- Challenges are evolving: Nearly all participants reported encountering challenges in implementing cybersecurity automation. The most frequently cited hurdles include technological limitations, budget constraints, and time shortages. As automation initiatives advance, the level of trust in automated processes has improved; only 20% of those surveyed expressed skepticism regarding the results—down from 31% the previous year. Concerns about erroneous decisions, gradual user adoption, and skill gaps have also diminished in 2024, reflecting a shift in perceptions.
- Top measurement metrics: While employee satisfaction and retention remain critical metrics for measuring the return on investment (ROI) of cybersecurity automation—cited by 43% of leaders—this figure has seen a notable decrease from 61.5% in 2023. Accordingly, metrics tied to resource management, encompassing staff efficiency, effectiveness, and budget considerations (42%), and performance indicators like Mean Time to Recovery (MTTR) and Mean Time to Detection (MTTD) (38%), have gained prominence as organizations increasingly focus on metrics aligned with productivity and operational efficiency.
- Growth in threat intelligence sharing: A striking 99% of cybersecurity professionals reported engaging in some form of cyber threat intelligence sharing; 54% share this intelligence with their direct partners and suppliers, while 48% collaborate with others in their sector through established threat-sharing communities.
- Integration is key: An impressive two-thirds (67%) of respondents are now integrating best-of-breed solutions into their cybersecurity frameworks to effectively execute their security strategies. Whether adopting solely best-of-breed tools or beginning with a single-vendor platform supplemented by best-of-breed options, integration of tools has become a cornerstone activity in defensive planning.
- AI gathers momentum: A notable 58% of respondents have begun leveraging artificial intelligence within their cybersecurity operations. Of these, half implement AI across all areas, while the other half apply it to specific use cases. Additionally, 20% are eyeing deployments in the upcoming year.
- Expected attack vectors in the year ahead: Anticipations for the next year indicate that cyber-physical attacks are perceived as the most significant threat, followed by phishing campaigns and ransomware incidents. While not in the top tier of expected attack vectors, 20% of experts foresee risks associated with supply chain attacks, and one in five anticipates that state-sponsored attacks will impact their organizations.
“Cybersecurity professionals are grappling with rapidly evolving cyber and cyber-physical threats that are unprecedented in their sophistication, volume, velocity, and variety,” stated Leon Ward, Vice President of Product Management at ThreatQuotient. “The challenge of defending their organizations is indeed monumental, necessitating greater resilience among these experts.”
“The trends we observe in this evolving landscape underscore the pressing requirement for increased automation, scalability, and enhanced threat intelligence sharing. A collaborative cybersecurity approach empowers organizations to sharpen their defenses as industries unite their knowledge to counteract threats.”
The shift toward utilizing cybersecurity automation that delivers tangible value, coupled with a commitment to greater intelligence sharing, is poised to fortify proactive cyber defense strategies. The survey indicates a notable pivot in focus toward ROI metrics more intricately linked to productivity and efficiency; while employee retention and satisfaction still hold significance, they no longer overwhelmingly take precedence over performance-oriented metrics.
Ward concluded, “We strongly believe that scaling security operations and fostering collaboration across teams, ecosystems, and industries is the most pressing challenge faced by cybersecurity professionals. Integrating human expertise, automation, and AI with seamless tool and intelligence feed cohesion is essential in bolstering cyber resilience and agility at organizational, industry, and global levels.”
To download the complete Evolution of Cybersecurity Automation Adoption in 2024 report, which includes detailed survey questions, regional and industry snapshots, and strategic recommendations for senior security professionals pursuing automation, click here. To access the report, click here.
Report Methodology
ThreatQuotient engaged independent research firm Opinion Matters to conduct a survey in June 2024. The survey included 750 senior cybersecurity professionals from companies with over 2,000 employees across various sectors, including Central Government, Defense, Critical National Infrastructure, Retail, and Financial Services, with an even distribution of 150 respondents from each area.
About ThreatQuotient
ThreatQuotient enhances security operations by integrating disparate data sources, tools, and teams to expedite threat detection and response. The ThreatQ platform is the first of its kind, purpose-built to provide a data-driven threat intelligence framework that allows teams to prioritize, automate, and collaborate on security incidents, thereby enabling focused decision-making and maximizing resource efficiency through unified workflows. The outcome is a reduction in noise, clear identification of priority threats, and optimized automation processes utilizing high-fidelity data. ThreatQuotient’s advanced integration marketplace, data management capabilities, orchestration, and automation support a variety of use cases including threat intelligence management, incident response, threat hunting, spear phishing prevention, alert triage, and vulnerability management. Headquartered in Northern Virginia, ThreatQuotient operates internationally with presence in Europe, MENA, and APAC. For further details, please visit www.threatquotient.com.
Media Contact
Paula Elliott
C8 Consulting for ThreatQuotient
+44 7894 339645
[email protected]
What challenges do organizations face when implementing automation strategies in their cybersecurity efforts?
**Interview with Leon Ward, Vice President of Product Management at ThreatQuotient**
*Date: November 19, 2024*
*Location: Ashburn, VA, USA*
*Interviewer: [Your Name]*
**[Your Name]:** Thank you for joining us today, Leon. Your recent report, “Evolution of Cybersecurity Automation Adoption 2024,” highlights some significant trends in cybersecurity automation. Can you summarize the key findings from this report?
**Leon Ward:** Absolutely, and thank you for having me! Our survey of 750 senior cybersecurity professionals from the U.K., U.S., and Australia has revealed a pivotal shift in how organizations are approaching cybersecurity automation. The report emphasizes that automation is no longer just a luxury; it’s essential for effective incident response, with 32% of our respondents identifying this as the leading use case. Additionally, there’s a notable trend towards integrating both best-of-breed solutions and artificial intelligence into existing frameworks.
**[Your Name]:** That’s fascinating. You mentioned challenges in implementing these automation strategies. What are the most common hurdles that organizations face?
**Leon Ward:** Many organizations still grapple with technological limitations, budget constraints, and time shortages. Despite these challenges, we’re seeing an increase in trust towards automated processes—only 20% of respondents expressed skepticism this year, a decrease from 31% last year. It shows that as industries adapt and embrace automation, perceptions are changing positively.
**[Your Name]:** The report also discusses the metrics for measuring ROI in cybersecurity automation. How have these metrics evolved?
**Leon Ward:** Indeed, while employee satisfaction and retention were once the primary metrics, we’re now seeing a shift toward performance-oriented indicators in line with productivity and operational efficiency. Metrics related to staff effectiveness, budget management, and Mean Time to Recovery (MTTR) and Mean Time to Detection (MTTD) have gained importance, indicating a more strategic focus on maximizing the impact of cybersecurity investments.
**[Your Name]:** Collaboration appears to be a recurring theme in your findings. Can you elaborate on the importance of threat intelligence sharing among organizations?
**Leon Ward:** Absolutely. A remarkable 99% of professionals surveyed engage in some form of threat intelligence sharing, with many collaborating directly with partners or within established communities. This collaboration is vital as it enhances not only individual organization defenses but also contributes to a stronger collective response to evolving threats. When industries come together to share insights and intelligence, it creates a more resilient cybersecurity landscape.
**[Your Name]:** You also mentioned the anticipated attack vectors for the coming year. What should organizations be particularly aware of?
**Leon Ward:** Cyber-physical attacks are currently seen as the most significant emerging threat, followed closely by phishing and ransomware. Additionally, supply chain attacks and state-sponsored initiatives are on the radar for many. As the threat landscape continues to evolve in sophistication, organizations need to be vigilant and prepared for these different forms of attack.
**[Your Name]:** what do you see as the future direction for cybersecurity automation?
**Leon Ward:** The future lies in integrating human expertise with automated systems and AI effectively. This combination is crucial for enhancing cyber resilience and agility, not just on an organizational level, but across industries. As we continue to adapt to the increasing sophistication of cyber threats, fostering collaboration and sharing knowledge will be key to strengthening our collective defenses.
**[Your Name]:** That’s a great insight, Leon. Thank you for sharing your expertise with us today, and best of luck with the ongoing efforts in improving cybersecurity.
**Leon Ward:** Thank you for having me. It’s been a pleasure!