A global study of 300 IT and security professionals suggests that while security budgets are growing, the way funding is allocated is changing as organizations look to automate workflows.
The survey, conducted by Sapio Research on behalf of Seemplicity, a security automation platform provider, found that 91% of respondents work in organizations that plan to increase their security budgets this year.
Additionally, 85% said they plan to increase investments in AI over the next five years, with vulnerability assessment (38%) and vulnerability prioritization (30%) cited as areas where AI will benefit the most.
Overall, nearly two-thirds of respondents (64%) said AI will serve as a weapon against bad actors, but even more (68%) said there is significant concern about the impact AI will have on accelerating software development in a way that outpaces cybersecurity teams’ ability to keep up with vulnerabilities.
Additionally, respondents indicated that the new SEC incident reporting requirements create an opportunity to strengthen vulnerability management practices. Specifically, the new requirements will improve logging and reporting (53%) and improve overall security hygiene (52%). Less than a quarter of respondents felt that the regulation would create more bureaucracy (24%), stress (23%), and distract their security teams (18%).
The challenge is that survey respondents reported on average using offerings from 38 different security vendors, with more than half (51%) experiencing high to very high levels (23%) of noise from their tools. And 85% said they struggle to manage all the noise, also known as alerts, generated by their security tools.
The survey also found that nearly all respondents (95%) use at least one method to try to reduce noise.
Meanwhile, over 97% indicated they have already invested in some level of automation, with vulnerability scanning (65%), vulnerability prioritization (65%) and remediation (41%) identified as the areas where most of these efforts are being implemented.
89% of respondents said automation has improved the efficiency of vulnerability and risk management, with rapid response to emerging threats (65%) being the most important benefit.
However, 44% said they still rely on manual methods to some extent to manage workflows. On the positive side, 90% of respondents plan to adopt some type of Continuous Threat Exposure Management (CTEM) framework to better respond to threats.
Seemplicity CEO Joran Sirkis noted that CTEM’s investments are critical as it has become clear that cybersecurity now requires organizations to be able to respond in near real-time when threats are detected. He added that the longer the response time, the more lethal any breach becomes.
Achieving this goal will require cybersecurity teams to reduce the current level of fragmentation in a way that reduces the overall amount of noise their platforms and tools currently generate, he added.
It’s unclear how long it will take for organizations to adopt the CTEM framework, but given the scale of attacks being launched, it’s almost certain that their adversaries are already capable of launching cyberattacks on a continuous basis at will. The only thing left to determine now is how long it will take for cybersecurity teams to be able to respond effectively in the same way.
