D3 Security and SANS Survey Illustrates the Need for Security Automation to Stabilize the Critical Resource and Skills Gap

Survey Responses Highlight the Current State and Future Trends of Automation in Key Industries

D3 Security, an innovator in security orchestration, automation and response (SOAR) technology, today announced the results of the 2019 Automation and Integration Survey, executed by SANS. The D3-sponsored study surveyed over 250 professionals with representation from five key industries that are considered enablers of automation (banking and finance; cybersecurity; government; technology; and telecommunications), who are directly involved in their organizations’ security operations and incident response (IR) practices.

The results of the study suggest that most organizations understand that automation is the path to achieve optimal workflows in the face of staff shortages and alert fatigue. Yet, 59% of survey respondents indicated that their organizations use low levels or no automation of key security and incident response tasks. D3’s mission to provide an adaptable, easily-deployed, cost-efficient, and customizable SOAR platform has been reinforced by the priorities highlighted in this survey by industry practitioners who are seeking a better solution to their security operation woes.

“Making thingslook easy takes time and effort,” said Barbara Filkins, SANS analyst and author of the report. “Given the investment your organization is, or will be, making in time and resources needed to get the workflows correct, be sure to choose your SOAR technology wisely.”

As the study demonstrates, cybersecurity professionals are turning their focus to SOAR in their search for a solution that will not only answer the immediate need to overcome the current resource and skills gap, but also enhance security operations in the years to come. To learn more about how security automation is a critical component to combatting the current and evolving threat landscape, please view Part 1 and 2 of the SANS Automation and Integration Survey Webcasts here.

Key Findings – The State of Security Automation

• Security monitoring and detection are the key activities supported by automation, with over 60% of respondents reporting a medium or high level of automation processes.
• Data protection and monitoring is next-highest, with nearly 50% of respondents reporting a medium or high level of automation processes.
• Not surprisingly, tools related to alerts and log analysis exhibit higher levels of automation than behavioral monitoring (profiling) or digital forensics.
• More than 57% of respondents anticipate changes to the focus of their use of automation in the next 12 months, while another 28% remain unsure.
• The top three factors affecting the level of investment in automation are budget and management support; skills required to integrate and operate tools; and amount of skilled staff.

To download the 2019 SANS Automation & Integration Survey, please visit: https://d3security.com/sans-automation-integration-survey-2019/.

To register for the What’s Next in Automation Support: Part 2 of the SANS Automation and Integration Survey webcast, please visit: https://www.sans.org/webcasts/108890.

About SANS

The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community. SANS is the most trusted and by far the largest source for information security training and security certification in the world. It also develops, maintains, and makes available at no cost, the largest collection of research documents about various aspects of information security, and it operates the Internet’s early warning system – the Internet Storm Center. For more information, please visit: https://www.sans.org/.

About D3 Security

D3 Security’s orchestration, automation, response and case management solutions are the foundation of the world’s most advanced security operations, including over 20 percent of the Fortune 500. D3 seamlessly facilitates collaboration within the security operations center and across departments through a flexible platform that streamlines incident management, orchestrates human and machine processes and documents all actions taken to assure that organizations meet industry requirements and compliance reporting standards. For more information, please visit https://d3security.com.