Skybox® Security has released the results of a global survey conducted by Osterman Research, Understanding Security Processes and the Need to Automate. The survey, which includes responses from 465 senior security leaders at large enterprises in the U.S., EMEA and APAC, reveals trends in the use of security automation, as well as artificial intelligence (AI) and machine learning (ML). Survey questions focused on workflows in firewall and security policy management and vulnerability management.
Key findings included some surprises. For example, according to the results, APAC is ahead of the U.S. and EMEA in terms of automation for processes involved in the management of firewall rules and security policy — the automation of these processes is least common in EMEA. And despite being hyped at shows and in the media, technologies such as artificial intelligence and machine learning are still in early days, with few organizations using AI/ML in production — just four percent of respondents in EMEA, nine percent in the U.S. and 27 percent in APAC.
In general, the report reveals that companies worldwide are continuing to struggle with network security management, especially as those networks are growing more complex and increasing in size. Surprisingly, most are only partially automating workflows and processes to help overcome these challenges — but they do see the value and are looking to automate more in the future.
“Many organizations have significant deficiencies with regard to their firewall and security management,” said Michael Osterman, Principal Analyst of Osterman Research. “Most realize that they need to improve the way they manage security and policy, and they also realize that automating workflows and processes is key to these improvements.”
Additional insights from the report include the following:
“The good news: security leaders have started on their automation journey,” said Sean Keef, Skybox Director of Product Marketing. “However, the results of this survey show us that many companies have a long way to go. It seems security leaders are still trying to understand where they’re going to get the most value out of automation, while also ensuring they’re not putting the organization at risk. There are many areas, however, where it is absolutely essential to implement automation — and, in fact, where the automation reduces risk. For example, collecting/gathering data for attack surface visibility and modeling, network change management and rule lifecycle management. Networks are simply becoming too large and complex to manage manually. If you’re not already working with a vendor in these areas, you should start looking for one.”