版权说明:本文档由用户提供并上传,收益归属内容提供方,若内容存在侵权,请进行举报或认领
文档简介
2023
STATEOF
CYBERSECURITY
AUTOMATION
ADOPTION
INTRODUCTION
ThisisthethirdeditionofThreatQuotient’sannualsurveyofseniorcybersecurityprofessionals,exploringthetopicofcybersecurityautomationadoption.Seven
hundredandfiftyseniorexecutivesintheUK,US,andAustraliasharedtheirviewsontheprogresstheyaremakingtowardadoptingcybersecurityautomation,itskeyusecases,andthechallengestheyface.Inadditiontoidentifyingtrendsovertime,thisyear’sstudyexploreswiderissuessuchasthecriticalfeaturescybersecurity
CONTENTS
2Introduction
2Methodology
3Foreword
5HighLevelFindings
8
RegionalVariations
10VerticalSnapshot
13RoleBased
Comparisons
15Recommendations
17Question
Responses
professionalswanttoseeinautomationsolutions,thetopicofwellbeingamongcybersecurityteams,andhowitcanbeimproved.
ReadthisreporttounderstandhowCISOsandseniorcybersecurityprofessionalsarehandlingtheincorporationofcybersecurityautomationintotheirstrategiestoprotectthecomplex,extendedenterprise–andtheiranalystteams–fromthepressuresofescalatingcyberthreats.
METHODOLOGY
Leadingsecurityoperationsplatforminnovator,ThreatQuotient,commissioneda
survey,undertakenbyindependentresearchorganization,OpinionMatters,inJune2023.SevenhundredandfiftyseniorcybersecurityprofessionalsintheUK,USAandAustraliafromcompaniesemploying2,000+peoplefromfiveindustriestookpart,
including:CentralGovernment,Defense,CriticalNationalInfrastructure–EnergyandUtilities,Retail,andtheFinancialServicesSector.
2
FOREWORD
Thepressureoncybersecurityteamsshowsnosignsofabating.Whiletheglobal
healthcrisisisbehindus,thepast18monthshavebroughtaworldwideeconomicuncertaintyandgeopoliticaltensionatalevelnotseenfordecades.Theresultingenergycrisis,supplychainimpacts,andeffectsonemploymentaresending
shockwavesthroughoutthephysicalanddigitalworld,and–whereverthereis
disruption–cybercriminalsandnation-stateactorsarealwaysonhandtocapitalizeonthesituation.Rightnow,theyareleveragingnewtools,suchasautomation
andgenerativeartificialintelligence(AI),tomakeattacksmoresophisticatedanddeceptive.Asthevolumeandvarietyofcyberthreatsincreaseexponentially,and
skilledcybersecurityworkersremaininshortsupply,seniorcybersecurityleadersfacearelentlessresourcechallenge:howtoprotecttheorganizationinanenvironment
wherebudgetsandpersonnelareunderpressure.
Overthethreeyearsthatwehaveundertakenthissurvey,wehavetrackedthe
adoptionofcybersecurityautomationasasolutiontothisproblem.Our2023StateofCybersecurityAutomationAdoptionresearchfindsthatorganizationsareleaningonautomationtohandleagrowingpercentageofcybersecurityusecaseswiththegoalofincreasingefficiency,respondingtoregulationandcompliancerequirements,andincreasingproductivity.Overall,theyconsiderautomationtobeimportantintheir
organization,andtheyarecontinuingtocommitbudgettoautomationprograms–
eventhoughtheyarehavingtocutbackinotherareastodoso.However,ourstudyalsoshowsthattheproblemshighlightedinpreviousyearsremain–infact,they
havegrown.Everyrespondentsaidtheyhadexperienceddifficultiesofsomekind
whenimplementingcybersecurityautomation.Theserangefromalackoftrustintheoutcomesofautomatedprocesses,slowadoptionbyusers,baddecisionsresultingfromautomation,andalackofskillamongusers.
Thereisundoubtedlyadegreeofdisenchantmentaroundautomationevidentin
thisyear’sstudy,withasensethatithasn’tyetdeliveredonitspromise.Thismirrorsthefindingsofotherindustrywatchersandreflectsthefactthatthemarketisstill
relativelyimmature.Usersarestillworkingtofindtheirfeetandimplementthe
solutionsthatwillsolvetheirchallengesanddelivertherightkindofROI.Atthesametime,vendorsarecontinuingtoinnovateandadvancetheirsolutionsfrombotha
technicalandusabilityperspective,sotheycanachievetheirpotential.
3
ROIisfirmlycenteredonemployeewellbeing
Lastyear,respondentsweredividedonthebestwaytodeterminecybersecurity
automationROI,butthisyearstrongconsensushasemerged.61.5%saythatROIismeasuredbyhowwelltheyaremanagingtheteamintermsofemployeesatisfactionandretention.Lessthanhalfthatfigure(29%)sayROIisdeterminedbyhowwellthesolutionisperforminginsecurityterms.
Thispointstoasignalshiftinwhatorganizationsviewasthe“point”ofinvestingin
cybersecurityautomation–theprimemotivationistoimprovetheexperienceof
employees.Byallowingautomationtoshouldertheburdenoflowervalue,repetitiveactivities,andreleaseanalystsformoreinterestingandfulfillingwork,companiescanimproveemployeesatisfactionandreducechurn.Thestudyfoundthathighteam
61.5%saythatROIismeasuredbyhowwell
theyare
managingtheteamintermsofemployee
satisfactionandretention.
memberchurnrateswereamongthetopthreechallengesfacingrespondentsin
centralgovernmentandcriticalnationalinfrastructureorganizations.ItwasalsothebiggestissuefacingAustralianrespondentsandthoseinaCISOrole.
ThisfindingonROIhasimportantimplicationsforautomationsolutionvendors,
too.Typically,vendorsdesignsolutionsontheassumptionthatbuyersarelookingforconventionalROIbasedonsecurity,accuracy,efficiency,andproductivitygains.However,thisfindingshowsthatnon-traditional,human-focusedmeasuresare
equally,andsometimesmore,important.WithROImeasuredonthebasisofteamsatisfactionandretention,vendorsneedtoincorporatethehumanbenefitsoftheirsolutionintoproductdesignandmessaging.Thereareseveraldevelopmentson
thehorizonthatshouldrespondtothisneed,includingtheadvancementsofAIandgreaterrolloutoflowandno-codesolutions.Byimprovingusabilityandmaking
automationmoreaccessibleforawidercohortofworkers,itshoulddelivermoreusersatisfactionwhilesimultaneouslyachievingtheaccuracyandefficiencyitwasoriginallydesignedfor.
HereatThreatQuotient,weknowthatdata-drivenautomationcanplayakeyroleinhelpingorganizationsdealwiththetechnicalandhumanchallengesofcybersecurity.Ourrecommendationswillassistorganizationsinavoidingthepitfallsandreapingtherewardsofeffectivecybersecurityautomation.
Wehopethatyoufindthisreportinterestingandvaluable.
4
HIGHLEVELFINDINGS
100%
Haveexperiencedproblemswhen
tryingtoautomatecybersecurity
99.9%
Haveincreased
budgetsfor
cybersecurity
automation
75%
SayITcybersecurityautomationis
importanttotheirorganization
61.5%
MeasureROIonthebasisofhowwelltheyare
managingtheteamandemployeesatisfaction/retention
Theimportanceofcybersecurityautomationrisesoverall–buttherearesignsofdisenchantmentinsomeregions
Three-quartersofthecybersecurityprofessionalssurveyedsaidthatcybersecurity
automationisimportanttotheirorganization,withalmostone-third(32%)sayingitisveryimportant.RespondentsfromtheUSandAustraliashoweda17.5%and14%increase
respectivelyinthepercentageofrespondentsratingcybersecurityautomationimportant,upat82.5%and82%,comparedtolastyear.
IntheUK,however,therehasbeenadecreaseof9%,with61%sayingitisimportantto
theirbusinessthisyear.Thisdrophasbeenledbyfinancialservices,defense,andcentralgovernmentrespondents.UKrespondentsweremorelikelythanthoseintheUSand
Australiatosaythattheyhadexperiencedbaddecisionsandslowuseradoptionresulting
5
fromtheirattemptstoimplementcybersecurityautomationandthatit“causesmore
problemsthanitsolves”.Thishasgeneratedalevelofdissatisfactionthatreflectsthe
maturityoftheUKmarket–earlierautomationsolutionshaveprovedtobecomplexandhardtouse,whichwouldcertainlytranslateintoslowadoption.
Automationisbeingmorewidelyusedacrossallusecases
Comparedtolastyear,ahigherpercentageofrespondentsareautomatingkeyareasoftheircybersecurityprogram.Themostnotableincreaseisinalerttriage–anareawhereThreatQuotientresearchidentifiedanopportunitylastyear–where30%arenowusingautomationcomparedtoonly18%in2022.Overall,respondentsarearound5%morelikelytobeautomatingprocessesacrosstherangeofcybersecurityactivitiesthantheywerelastyear.
Interestingly,vulnerabilitymanagementandprioritizationarenowakeyusecaseamong37%ofUSorganizations,anditisalsomoreprevalentamongcompanieslargerthan
10,000employees(42.5%)andthoseinthecriticalnationalinfrastructuresector(37%).Inourexperience,thesearetypicallymorematureorganizationswhenitcomesto
automation,indicatingthatwemayseevulnerabilitymanagementriseuptheagendainother,lessmature,organizationsinfuture.
Greateradoptionissurfacinggreaterchallengesandalackoftrustiskeyamongthem
Theresultisunanimous:implementingcybersecurityautomationisneverproblem-
free.Themoreorganizationsuseautomation,themorechallengestheyareuncovering.Everyonetakingpartintheresearchsaidtheyhadencounteredproblems,withthemostcommontroublingareabeingalackoftrustintheoutcomesdeliveredbyautomated
processes–anissuefor31%.Closebehindis“slowuseradoption”–whichisnot
surprisingifusersdon’ttrustwhattheyareseeing.“Baddecisions”,suchasincorrectlyblockingsuspicious-lookingdomainnamesthatareactuallybenign,orblockinganemailtotheCEOthatturnsouttobegenuine,andlackofskillsmakeupthetopfourissues.
Incombination,theseissuespointtoanenvironmentwheretherealityofdeploying
automationsolutionsisn’tmatchingexpectations.Asvendorsbuildnewfeaturesand
functionalityintotools,thereisadistinctneedtofocusonusabilityandtransparency,soteamscanbuildconfidenceandreapthebenefitsofautomation.
Finance,regulatoryconcerns,andteamchurnarethetopthree
cybersecurityteamchallenges
Wewantedtogetabroaderperspectiveontheissuescybersecurityleadersarefacing
amongtheirteamsandherewefoundevidencethatthemacroeconomicpictureis
havinganimpact.Almostaquarterofrespondents(24%)said“insufficientbudget”wasintheirtopthreebiggestchallenges,reflectingtheeconomicpressuresfacingbusinesses.Thesamepercentage(24%)pointedto“growingcompliancerequirements”asregulatorsincreasinglyintroducemandatorycybersecurityresilienceandrecoveryrequirements
intodraftlegislationandregulations.
6
Highteammemberchurnratewastiedatthirdamongtherespondents’concerns,
indicatingthatthegeneraldisruptionintheemploymentmarketthatfollowedthe
pandemicisaffectingcybersecurityteamsjustasmuchasotherjobroles.Employee
churncausesproblemsasdepartingteammemberstakevaluableskillsandcompany-specificexpertiseawaywiththem,whicharehardtoreplaceinthecurrentemploymentenvironment.Notably,CISOsratehighteammemberchurnastheirmostpressingissue–andtheyarealsomostlikelytosaythatincreasingheadcountwouldhavethebiggesteffectoncybersecurityanalystwellbeing.
Budgetscontinuetorise,buteconomicpressuresarebeingfelt
Allbutonerespondentreportedthattheirbudgetforcybersecurityautomationhas
increased,ariseto99.9%from98.5%lastyear.However,comparedtolastyear,budgetisfarlesslikelytobenetnewallocations–only18.5%hadanetnewbudgetthisyear
comparedto34%thathaditlastyear.Instead,budgetisbeingallocatedfromoutside
thesecurityteamorfromothertools.There’saslightdropinbudgetbeingreallocated
fromheadcountcomparedtolastyear,whichmayshowthatbusinessesarestilltryingtobolstertheirsecurityteamnumbers.
Thelevelofconsensusacrosscountriesandindustriesonthebudgettopicwasincrediblystrong.Economicheadwindsarebeingfelteverywhere,forcingbusinessestobecreativeabouthowandwhattheyfund.Thegoodnewsisthatcybersecurityautomationclearlyholdsacriticalpositionwithinthestrategiesofthesebusinesses,totheextentthattheyarepreparedtocutotherbudgetstoensurecontinuedinvestment.
Multipledatasourceintegration,training,andautomatedreportingtoolstopthewishlist
Whenselectingcybersecurityautomationsolutions,organizationsprimarilywantthe
facilitytointegratewithmultipledatasources–andasthenumberandformatofsourcesgrows,thiswillsurelybecomemoreimportantasteamsseektomakesenseofincreasingvolumesofdata.Nextonthelististraining–essentialasteamsseektogrowtheirskills–andautomatedreporting.CISOsarekeenontheavailabilityoftraining,rankingthisa
longwayaheadofotherissues.
Smartertools,moreflexibility,andhigherheadcountwouldhavethebiggestpositiveimpactonwell-being
Asreportedearlier,ourrespondentsarenowclearonhowtheymeasureROI,with61.5%sayingitcomesdowntohowwelltheyaremanagingtheteamintermsofemployee
satisfactionandretention.Knowingthatmanycybersecurityleadersarestrugglingwithemployeewellbeingandburnout,wewantedtolearnwhattheyfeltwouldhavethe
biggestimpactonwellbeingandemployeeretention.
7
Topofthelistwassmartertoolsthatwillsimplifywork(31%),whilegreaterflexibilityover
workinghoursandlocationfollowedclosebehind,atthesamerateasincreasingteamheadcount(both28%).Thisindicatesthatcybersecurityprofessionalsseetechnology
andhumanfactorsasequallyimportantinimprovingemployeeexperience.The
pandemiccreatednewexpectationsaroundworkflexibilitythatemployeesareunwillingtorelinquish,whilenewerindustryentrantsaredigitalnomadswithhighexpectationsaroundflexiblework.Leadersarealsobeginningtoseethepotentialofinnovations
inareassuchasAIandlow-orno-codetobuildsmartertoolsthatmakeworkmorefulfilling.TheseareareasthatThreatQuotientwillcontinuetodrawoninthefuture.
REGIONALVARIATIONS
Onceagain,wesurveyedequalnumbersofcybersecurityprofessionalsintheUS,UK,andAustraliatolearnhowtheirexperienceofcybersecurityautomationischanging.
RespondentsfromtheUSandAustraliaaremorelikelytosaycybersecurityautomationisimportanttotheircompanythantheywereayearago,with82.5%and82%respectivelysayingitisimportant.USrespondentsarethemostenthusiastic–46%sayitisvery
importanttotheirbusinesscomparedwith26%ofAustralianrespondentswhosay
itisveryimportant.RespondentsintheUKcontinuedtobecomelesspositiveabout
cybersecurityautomation,withthepercentagesayingitisimportanthavingfallento
61%,adropfrom70%ayearagoand77%twoyearsago.Thisfallhasbeendrivenbyfinancialservicesanddefenserespondents,registeringadropof28and26percentagepointsrespectively.Afifth(21%)ofUKrespondentssaycybersecurityautomationisnotimportanttotheirorganization.
Driversandusecasesforcybersecurityautomationvary
TheUSandAustraliaseeefficiency-howwelltheyuseresourcessuchastime,
moneyandskilltogetthejobdone-asthetopdriverforautomation(48%and39%
respectively).IntheUKhigherproductivity-theamountofworkthatindividualsand
teamscangetthroughinagivenamountoftime-isthemainbenefitsought(36%).Thisisconsistentwithlastyear’sfindings.
Theregionsvaryonwhichkeyusecasestheyareautomating.IntheUS,theproportionofrespondentsautomatingvulnerabilitymanagementhasleaptby13percentagepoints.IntheUKandAustralia,thedominantusecaseisphishinganalysis,withthreatintelligencemanagementinsecondplaceintheUKandalerttriagetakingsecondspotinAustralia.
AlerttriagealsotooksecondplaceintheUS,followedbyincidentresponse.Ingeneral,USrespondentsshowedagreaterlikelihoodofautomatingusecasesofallkinds.
Everycountryreportedproblemsimplementingcybersecurityautomation.Thetop
issueintheUKis“baddecisions”resultingfromautomatedprocesses-suchasblockingdomainnamesthatlooksuspiciousbutareinfactbenign,orblockinganemailtothe
8
CEOthatturnsouttobegenuine.Thisproblemwasreportedby36%ofUKrespondents.Itwasfollowedbyslowuseradoption(35.5%)andlackoftrustinoutcomes(31.5%).ForUSrespondents,theirchallengeslayinalackoftrustinoutcomes(32.5%andaparticularproblemforUSdefenserespondents),withalackofskillandbaddecisionsalsocausingdifficulties.InAustralia,lackoftrustinoutcomesisalsothetopissue,withAustralian
financialservicesthemostskepticalinthisarea.SlowuseradoptionandalackofskillsarealsokeybarriersforAustralianrespondents.
Regulatoryandcompliancechallengesareacommonproblem
Intermsofthetopthreebroaderchallengesfacingcybersecurityteams,themainareaofagreementwasaroundgrowingregulatory/compliancerequirements,whichfeaturedinthetopthreeforallcountries.USrespondentsaremostconcernedaboutinsufficientbudget(26.6%),whilehighteammemberchurnrate(25.2%)isthenumberoneconcerninAustralia.
Choosingfromarangeofstatementstheonethatbestmatchedtheirorganization’s
currentviewofcybersecurityautomation,USrespondentsweremostlikelytosayitis
“alreadycentraltotheircybersecuritystrategy”,whileAustralianrespondentssay,“itwillbecomemoreimportantastheygetbetteratexpandingit”.UKrespondentsare,perhapsunsurprisingly,themostlikelytosaythat“itiscausingmoreproblemsthanitsolves”.
Theglobaleconomicpictureisaffectingbudgetsinallregions
Onthetopicofbudget,therewasverylittlevariationbetweenthecountries,
demonstratingtheglobalnatureoftheeconomicuncertaintywe’reexperiencing.Allcountriesaredivertingbudgetfromotherareastobolsterautomationprograms;onlyaround18.5%weregettingnetnewbudget.
Thecountriesagreeonthemostimportantfeatureofcybersecurityautomationtools:theabilitytointegratemultipledatasources.TheUKistheonlycountrytofeaturelowtotalcostofownership(TCO)initstopthreefeatures,perhapsindicatingthatUKbusinessesarebeginningtoworkmoreonoptimizingsolutionsnow,astheirimplementation
cyclematures.Theavailabilityoftrainingisinthetopthreeforallcountries,andUS
respondentsarealsolookingforvisualizationtools,whileAustralianrespondentswantautomatedreporting.
RespondentsfromallregionsconcuronusinghowwelltheyaremanagingtheteamintermsofsatisfactionandretentionasthemainmetricformeasuringROI.TheUKislesslikelythanotherregionstobeassessingROIintermsofhowwellthejobisbeingdone(23%usethiscomparedwith33%intheUSand30%inAustralia).
Intermsofwhatwouldmakethebiggestdifferencetothreatintelligenceanalyst
wellbeing,theregionsvariedacrossthethreeareasofpeople,processandtechnology.Australianrespondentswantmorepeople,UKrespondentswantmoretraining(process),andUSrespondentswantsmartertechnology.
9
ThreatQuotientTake:
Theintensifyingregulatory/complianceenvironment,inconjunctionwithchallengingeconomic
conditions,arethetwocommonfactorsaffectingallthreecountriessurveyed.Beyondthis,theregionsdifferonthetopusecasesandthefactorsthatwouldmakethebiggestdifferencetowellbeing.ThereisalsoadecidedvariationbetweentheUKandotherregionsontheimportanceofcybersecurity
automationandsatisfactionwithit,particularlyamongUKdefenseandfinancialservicesrespondents.Thereasonsforthisarenotimmediatelyclearandoutsidethescopeofthisreport,butitwillbe
interestingtoseehowsentimentchangesinthenexteditionofthestudy.
VERTICALSECTORSNAPSHOT
Ingeneral,therehasbeenariseintheimportancethatindustriesplaceoncybersecurityautomation.Theonlyexceptionisthefinancialservicessector,wherethepercentage
ratingitimportanthasdroppedfrom75%to69%.
20222023
CentralGovernment
71%
75%
Defense
67%
73%
CriticalNationalInfrastructure-EnergyandUtilities
71%
82%
Retail
FinancialServices
55%
75%
77%
69%
ThreatQuotientTake:
Thefinancialservicessectoristypicallymorematurethanothersectorsontheroadtocybersecurity
automation,havingbeenanearlyadopter.Assuch,itencounteredthechallengeswehavedocumentedoverthetimewe’vebeenconductingthissurveyatanearlierstagethanthoseinothersectors.Nowitisstrivingtomitigatethemandoptimizeautomationdeployments.Otherindustries,earlierintheadoptioncycle,arebenefitingfromadvancesinautomationsolutionssomayfindtheyhaveaneasierjourney.
10
Industriesagreethatefficiencyisthemaindriverforadopting
cybersecurityautomation,butvaryonthekeyusecases
There’sconsensusacrossthedifferentsectorsonthemaindriverforadoptingmore
cybersecurityautomation:efficiencyistheprimarygoal.Theonlyoutlieriscritical
nationalinfrastructure,whereproductivitytopsthelist.Buttheroutetoachieving
theseefficiencyandproductivitygainsvariesintermsofthemostcommonusecases
forautomationineachsector.Forcentralgovernmentrespondents,thetopusecase
isphishinganalysis(35%),whilefordefenserespondents,incidentresponseandthreat
intelligencemanagementtieat34%.Criticalnationalinfrastructurerespondentsaremostlikelytobeusingitforvulnerabilitymanagement/prioritization(37%),whileinfinancial
servicesalerttriageisthemostpopularapplication.Intheretailsectoritisnotsurprisingthatpasswordresetisthetopusecase(32%).
Whenanalyzingtheproblemsexperiencedbyverticalsector,wefindthatslowuser
adoptionisthemainissueinfinancialservicesandcriticalnationalinfrastructure.
However,fordefenseandretailrespondents,themainissueislackoftrustinoutcomes.Incentralgovernmentbaddecisionsandalackofskillareequallychallenging.
Thetopthreechallengesforcybersecurityteamsvarybetweenverticals
Central
Government
Defense
Critical
National
Infrastructure
Retail
Financial
Services
1
2
3
Highteammemberchurnrate
Threatenvironmentis
escalatingfasterthan
ourdetection/defense
capability
Cybersecuritytool
sprawliscausing
inefficiencies=
Insufficientbudget
Lackoftime
Insufficientbudget
Growing
regulatory/compliancerequirements
Highteam
memberchurn
rate
Lackoftime
Alertfatigue
(toomanyalerts
foranalysts
tohandle
effectively)
Growing
regulatory/compliancerequirements
Alertfatigue(too
manyalertsfor
analyststohandle
effectively)
Lackofskills
=insufficient
budget
Growing
regulatory/
compliance
requirements
Insufficientbudget
Threat
environmentis
escalatingfaster
thanourdetection/
defensecapability
Highteammemberchurnrateisparticularlytroublingincentralgovernmentandcriticalnationalinfrastructureorganizations,especiallygiventhelengthyvettingprocessesandindustry-specificknowledgerequiredinthesesectors.Thefactthatretailandfinancial
servicescompaniesrankregulatoryandcompliancedemandsastheirbiggestchallengereflectsthefast-growingswatheofprivacyandsecurityregulationsthatthesesectorsaresubjectto.
11
Financialservicesanddefenseorganizationsarestrugglingwithautomation
Whenlookingathowsectorsviewcybersecurityautomation,thefinancialservices
storycontinuestoplayout.Oneinfiverespondentsinthissectorsaycybersecurity
automationiscreatingmoreproblemsthanitissolving,andthoseinthedefensesectorshareasimilarview.Thesearebothlikelytobefurtherintheirautomationjourney
andstrugglingmorewithchallengesandtryingtooptimizetheirdeployments.Central
governmentrespondentsaremostlikelytosayitwillgetmorefundamentaltotheir
approachastheygetbetteratexpandingitsuse.Criticalnationalinfrastructureandretailrespondentsarepositiveandplanningtorolloutmoreautomationinthecomingyear.
Thereisstrongconsensusacrosssectorsonthequestionofbudget,withthemajoritydivertingbudgetfromotherteamsandtoolsinordertopursueautomation.
Intermsofthefeaturesthey’relookingtoacquireviacybersecurityautomationsolutions,thefacilitytointegratemultipledatasourcesisthetoprequirementformost.However,forcriticalnationalinfrastructurerespondentstheavailabilityoftrainingtopsthelist,andforfinancialserviceslowtotalcostofownershipisthemainrequirement–againshowinghowthissectorisintheoptimizationphaseofdeployment.
SectorsagreethatteamsatisfactionandretentionarethebestwaytomeasureROI,butthereisvariationwhenconsideringthebestwaytomakeapositiveimpactonwellbeing:
CriticalNational
Infrastructure
Topchoiceforbiggestimpactonwellbeing
Investmentinsmartertoolsto simplifywork
Greater
flexibilityover
workinghours/
location
Consolidationof
existingtoolsto
simplifywork
Increasing
headcountAND
moreeffective
cybersecurity
automation
Moretechnicaltraining
sotheybecomemore
skilledatusingthetools
wehave
Central
Government
FinancialServices
Defense
Retail
ThreatQuotientTake:
Thevariationsbetweendifferentverticalsectorssuggestthatitisimportantthatbothvendorsandbuyersunderstandwherethebusinessisonitscybersecurityautomationmaturityjourneybeforeembarkingonthenextphase.Conductingamaturityassessmentwillallowbothpartiestodesignmoreeffectivesolutionsthataccuratelyaddressprevailingchallengesandbuildanachievableroadmapformoresuccessful
automationinfuture.Thefocusmustbeonpartnershipoverthelongterm,ratherthanattempting“fitandforget”stylesolutionsthatcanultimatelyleadtomorepainfurtherdowntheline.Cyberthreatsevolveallthetime,andsomustautomation.
12
ROLE-BASEDCOMPARISONS
Wesurveyedvariousrole-holderswithinthecybersecurityprofessionalcohort,includingCISOs,HeadsofCyberThreatIntelligence,HeadsofSOC,HeadsofIncidentResponse,
HeadsofITSecuritySoluti
温馨提示
- 1. 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。图纸软件为CAD,CAXA,PROE,UG,SolidWorks等.压缩文件请下载最新的WinRAR软件解压。
- 2. 本站的文档不包含任何第三方提供的附件图纸等,如果需要附件,请联系上传者。文件的所有权益归上传用户所有。
- 3. 本站RAR压缩包中若带图纸,网页内容里面会有图纸预览,若没有图纸预览就没有图纸。
- 4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
- 5. 人人文库网仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对用户上传分享的文档内容本身不做任何修改或编辑,并不能对任何下载内容负责。
- 6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
- 7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。
最新文档
- 2026年劳动技能教育试题及答案
- 幼儿园电缆敷设施工方案
- 2026年职业技能(互联网营销师)操作知识考试题库与答案
- 2026年工业废水处理工技能考试真题及答案
- 2026年LOGO设计真题及解析
- 酒店管理师备考冲刺模拟试卷含答案
- 江苏合庆小时工外包合同
- fesco劳务外包合同
- 装饰工程劳务外包合同
- 外聘导演签订外包合同
- 2026年北京市石景山区初三二模英语试卷(含答案及解析)
- 广告牌安装外包合同
- GB/T 47328.3-2026乳及乳制品感官分析第3部分:产品感官特性符合性评价评分法
- 2026汽车后市场行业格局与消费趋势研究报告
- 2025年中国海洋大学辅导员和专职党政管理人员招聘考试真题
- 2026年山东省济南市历下区中考化学二模试卷(含答案)
- 2026国家粮食和物资储备局招聘面试题库
- 2026年超星尔雅学习通尔雅文艺复兴史试卷押题宝典试题附答案详解(突破训练)
- 2026年苏教版小学四年级数学上册期中卷含答案
- 2026年4月浙江卷高考预测模拟数学试卷01
- A4版2022山东地理高考答题卡word版
评论
0/150
提交评论