ThreatQuotient report highlights rise in cyber automation

ThreatQuotient has released the 2024 iteration of its Evolution of Cybersecurity Automation Adoption research report, revealing increased adoption and investment in cybersecurity automation across the UK, US, and Australia.

The report surveyed 750 senior cybersecurity professionals from companies with over 2,000 employees, highlighting that 80% of respondents view cybersecurity automation as important to their organisation. This marks an increase from previous years, indicating a growing recognition of the importance of automation in enhancing cybersecurity resilience and efficiency.

A notable 99% of the respondents reported an increase in budget allocation for cybersecurity automation in the past year, with 39% indicating a specific new budget dedicated to automation, a significant rise compared to last year's 18.5%. This shift suggests a maturing understanding of automation's role, enabling cybersecurity leaders to better justify budget allocations.

Incident response tops the list of automation use cases at 32%, followed closely by phishing analysis and threat hunting, each at 30%. These figures reflect the evolving focus areas within cybersecurity operations.

Challenges in cybersecurity automation are still prevalent, with technological issues, lack of budget, and lack of time being the most reported obstacles. However, trust in automated processes has grown, with only 20% of respondents expressing a lack of trust, a decrease from the previous year's 31%.

The report also sheds light on the main metrics for assessing return on investment (ROI) in cybersecurity automation. Employee satisfaction and retention remain crucial for 43% of leaders, although resource management and metrics such as mean time to repair (MTTR) and mean time to detect (MTTD) have gained prominence.

Ninety-nine percent of professionals engage in cyber threat intelligence sharing, with 54% collaborating with partners and suppliers and 48% with industry peers through official channels. This illustrates the increasing emphasis on collaboration to strengthen cyber defences.

Integration remains a key component, with 67% of organisations opting for a best-of-breed solution architecture to effectively implement cybersecurity strategies. Whether through single-vendor platforms supplemented by additional tools or a mix of different providers, the integration of cybersecurity tools is seen as vital.

The report notes growing adoption of artificial intelligence, with 58% of respondents already using AI in their cybersecurity operations. Of these, half have implemented AI broadly, while the rest apply it to specific use cases. An additional 20% plan to deploy AI in the upcoming year.

Leon Ward, Vice President, Product Management at ThreatQuotient, commented on the evolving cybersecurity landscape saying, "It is tough for cybersecurity professionals who now face fast-changing cyber and cyber-physical threats of unprecedented sophistication, volume, velocity and variety. Defending their business is an enormous task, and cybersecurity professionals must become more resilient."

Ward further emphasised the need for automation and collaboration, "What we are seeing in this \\"new normal\\" landscape is the need for more automation, scale and better threat intelligence sharing. A collaborative approach to cybersecurity helps organisations better defend as industries scale their knowledge to respond to attacks."

He concluded, "We believe that scaling security operations and collaboration across teams, ecosystems and industries is the most urgent challenge facing cybersecurity professionals. Successfully uniting human expertise, automation and AI and enabling seamless integration across tools and intelligence feeds will drive cyber resilience and agility at organisational, industry, and international levels."