For the most part, enterprises aren't tapping into the benefits of automation for their security efforts, according to a report sponsored by IBM.
According to IBM Security's global study, just 27% of the organizations said they were significant users of automation. The study, which was conducted for IBM by the Ponemon Institute, also found that 77% of the organizations only used automation "moderately, insignificantly, or not at all."
Enterprises can use automation across identity management and authentication, incident response platforms and security information and event management (SIEM) tools, in their security response processes. The study defined automation as enabling security technologies "that augment or replace human intervention in the identification and containment of cyber exploits or breaches."
The survey respondents that were tapping into the benefits of extensive automation rated their ability to respond, prevent, detect and contain cyberattacks at higher rates than those that didn't.
In the same vein as service providers' use of automation, the security technologies that use automation leverage artificial intelligence, machine learning, orchestration and analytics.
Surprisingly, 77% of the respondents didn't have cybersecurity incident plans applied consistently across the enterprises. Among those that do have plans in place, 54% didn't test their plans.
"Failing to plan is a plan to fail when it comes to responding to a cybersecurity incident. These plans need to be stress tested regularly and need full support from the board to invest in the necessary people, processes and technologies to sustain such a program," said Ted Julian, vice president of product management and co-founder, IBM Resilient, in a prepared statement. "When proper planning is paired with investments in automation, we see companies able to save millions of dollars during a breach."
There's also a lack of skilled cybersecurity employees, according to the survey, which has been an ongoing issue for enterprises. The study's survey participants said they lacked the number of employees that are needed to maintain and test their incident response plans.
Just 30% of the respondents reported that staffing for cybersecurity is sufficient to achieve a high level of cyber resilience. Furthermore, 75% of respondents rate their difficulty in hiring and retaining skilled cybersecurity personnel as "moderately high to high."
On top of the skills challenge, 48% of the respondents said they were hamstrung by their organizations deploying too many separate security tools, which led to increasing operational complexities, while also reducing visibility into their security measures.
The global survey was conducted with more than 3,600 IT and security professionals from around the world.