Analyst firm Devo Technology has announced research results commissioned by the independent research firm Wakefield Research, according to which information security specialists are increasingly turning to artificial intelligence due to dissatisfaction with the introduction of automation in Information Security Monitoring Centers (SoC).

The Devo survey was conducted among 200 security professionals from large companies with revenues of more than $500 million from January 30 to February 9, 2023.

The study shows that implementing cybersecurity automation leads to positive business outcomes, including addressing staff shortages and mitigating the effects of cyber attacks. According to the survey, organizations will continue to invest in cybersecurity automation in 2023 even in the face of economic instability.

Organizations are looking for long-term solutions to keep up with increasingly complex cyberattacks, and they need technologies that automate time-consuming, repetitive tasks so that security teams can focus on the most important threats. This report confirms that implementing automation in SOC results in analyst satisfaction, better business outcomes, and improved security for organizations.

IS specialists become scammers and use AI tools without official permission

According to the study, security professionals understand that their organization will not allow them to use AI, but this does not stop them.

• 96% of IS professionals admit that one of their colleagues uses AI tools not provided by their company;
• 80% of professionals use AI tools themselves;

96% of cybersecurity specialists are dissatisfied with the introduction of automation in SOC

Organizations fail to implement automation effectively, forcing cybersecurity professionals to turn to rogue AI tools to keep up with workloads.

Reasons for dissatisfaction vary

• from technological problems (42%) – limited scalability and flexibility of available solutions;
• to financial (39%) – high costs for implementation and maintenance;
• 34% of respondents attribute automation problems to the human factor – the lack of internal experience and resources to manage the tool.

In addition, 47% of professionals would choose AI tools for better user experience, 46% for more specialized features, and 44% for greater efficiency.

Investing in cybersecurity automation pays off

In 2023, security professionals will prioritize investments in cybersecurity automation to meet organizational challenges, despite economic volatility and widespread cuts in organizational spending.

• 80% of security professionals predict an increase in investments in cybersecurity automation next year, including 55% predict an increase of more than 5%;
• 100% of respondents reported a positive business impact from using cybersecurity automation, citing increased efficiency (70%) and financial gain (65%) as the main benefits.

Automation solves the problem of shortage of personnel

Implementing automation in SOCs helps organizations deal with shortages of security personnel in a variety of ways.

• 100% of respondents agreed that automation will help fill staffing gaps in their team;
• Incident analysis, analysis of the application landscape and data sources, and threat detection and response (53-54%) were the most common ways that automation can compensate for staffing shortages.

As a result of a study by the Ministry of Digital Development, it turned out that over 80% of companies in Russia now experiencing a shortage of qualified personnel on information security. Deputy Head of the Ministry of Digital Development Alexander Shoitov specified that although a sufficient number of specialists in the field of information security are being trained in Russia, there is a shortage of highly qualified information security specialists on the market who will be ready to resist cyber attacks in practice.