COMMENTARY: It doesn’t take much to imagine a busy security team bombarded with alerts, notifications, and findings, many of which don’t require immediate attention. This has become the reality for more than half of security teams, many of whom report experiencing very high levels of noise from their tools.
OUR research The study found that the average enterprise uses tools from more than 30 different security vendors. Digging deeper, more than half of respondents (51%) who have experienced this level of fragmentation report high to very high levels of noise from their tools.
(SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity experts. Read more perspectives here.)
This deluge of information isn’t just distracting; it’s paralyzing. Fully 85% of respondents admit to struggling to cope with the noise, citing slow or delayed risk reduction as their primary challenge.
Security teams are overwhelmed and their ability to quickly identify and prioritize real risks is compromised, leading to slower response times and increased vulnerability to cyberattacks. This puts the organization’s security at risk and strains resources and personnel, creating an environment where critical threats can slip through the cracks.
Role of automation
Consider the reality many security teams face: a deluge of exposures and vulnerabilities they must manage with limited resources. Many have sought relief by turning to automation to streamline important processes like vulnerability scanning, prioritization, and remediation.
We also found that 97% of organizations are adopting some level of automation in their vulnerability management practices. For example, 65% of organizations are using automation to improve the accuracy and speed of vulnerability identification, while 53% are using it to effectively prioritize threats. These steps are crucial in a world where cyber threats are relentless and unforgiving.
Teams also reported using automation for remediation, including finding the remediation team and implementing fixes. But this is happening at lower rates, with 41% of respondents performing each of these tasks. So despite its many benefits, automation isn’t being used by everyone. In fact, nearly half of security professionals (44%) still rely on manual methods. Security teams see the value in automation, but these numbers show there’s room for improvement across the board.
Whether due to a lack of awareness, budget constraints, technology limitations, or a lack of skilled personnel, teams must overcome these obstacles to fully realize the scalability and risk reduction potential that automation can bring to vulnerability management.
It’s about going beyond basic automation and adapting to new technologies.
Today, many companies are betting on artificial intelligence (AI) to improve security. A large majority of security teams our research team spoke with (85%) plan to increase their investment in AI over the next five years, signaling a dramatic shift in cybersecurity strategy.
Security teams see AI as a way to transform the early stages of vulnerability management. 38% of respondents believe it will significantly improve the accuracy and efficiency of vulnerability assessment, and 30% see it as a critical tool for prioritizing threats based on impact and urgency. Vulnerability remediation was cited by 32% of respondents as an area where AI could help.
This optimism makes sense. AI’s ability to quickly and accurately process vast volumes of data makes it a formidable ally against cyberthreats. Indeed, 64% of respondents view AI as a powerful weapon in the cybersecurity arsenal. Yet this enthusiasm is tempered by significant concerns. 68% of respondents express apprehension about the challenges AI could pose, particularly its integration into software development, which could accelerate code production at a pace that security teams struggle to keep up with.
The dual nature of AI—its potential for improvement and complexity—poses a paradox for security professionals. On the one hand, AI offers unprecedented capabilities to identify and prioritize vulnerabilities, promising faster response to emerging threats. On the other, the rapid pace of AI development may outpace security teams’ ability to effectively manage vulnerabilities, creating new challenges for maintaining robust security postures.
There is no miracle solution
Faced with many challenges, businesses must manage the pros and cons of any new technology, whether automation or AI. While both technologies offer promising advances in vulnerability management, they are not a panacea.
And it’s not just about relying on new technologies. Many security professionals interviewed by our research team considered other areas to improve their cybersecurity efforts, such as adopting continuous management of threat exposure (CTEM). They indicated that CTEM can enable them to stay ahead of threats by continuously monitoring their IT infrastructure for vulnerabilities, compared to traditional periodic assessments.
As with all things business, the path forward requires a balanced approach: leveraging technology’s strengths while remaining vigilant to the challenges it presents. This allows organizations to experiment with new technologies to strengthen their position without compromising their day-to-day operations.
While AI and automation hold great promise, teams must use these new tools wisely. Security teams must focus on and adapt to the rapid changes AI is bringing to stay ahead of the ever-evolving fight against cyber threats.
Yoran Sirkis, CEO of Seemplicity
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity experts. Each contribution aims to bring a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.