Security automation is changing hiring trends
A new survey of more than 1,000 IT and IT security practitioners reveals that 51 percent now believe that automation will decrease headcount in the IT security function, an increase from 30 percent in last year's study.
The study by the Ponemon Institute, in partnership with DomainTools also finds concerns of employees about losing their jobs because of automation have increased to 37 percent over last year's 28 percent.
Yet there are continuing problems with a lack of cybersecurity skills as 69 percent of organizations' IT security functions are understaffed, a slight improvement over last year’s 75 percent.
Overall, 74 percent agree that automation enables IT security staff to focus on more serious vulnerabilities and wider network security. Interestingly, automation highlights a renewed focus on the importance of the human role in security. Only 40 percent believe automation reduces human error while half believe automation will make jobs more complex. 54 percent think automation will never replace human intuition and hands-on experience. And 74 percent (a rise from last year's 68 percent) say that automation is not capable of certain tasks done by IT security staff.
"The perspective around the effects of automated technologies for IT security continues to shift year after year," says Dr Larry Ponemon, chairman and founder of the Ponemon Institute. "As adoption of automation becomes more mainstream and improves the effectiveness and efficiency of IT security staff, they are anticipating that they will be able to accomplish more with fewer bodies. What is likely is for there to be a consolidation of existing roles, rather than an elimination. This means better opportunities for employees to up-level their current skills to create more value-added roles as the human side of security remains as important as ever."
Among other findings, almost half of respondents (48 percent) are sharing threat intelligence to collaborate with industry peers. A worrying 47 percent of organizations don’t invest in training or onboarding of security personnel, and 53 percent of respondents have seen an increase in attackers’ use of automation.
The full report is available from the DomainTools site.