Automation and a “back to basics” approach will shape cybersecurity
![Automation and a “back to basics” approach will shape cybersecurity](https://www.securitymagazine.com/ext/resources/2025/02/11/Laptop-with-crumbled-papers-by-Lauren-Mancke.png?height=635&t=1739303834&width=1200)
Security teams are overwhelmed. That’s not an exaggeration — it’s just a statement of fact. Talk to security professionals at any organization, from small businesses to Fortune 500 companies, and you’ll hear the same story. SecOps and security engineering teams are stretched thin, with their attention divided across cloud, automation, AI, containers, scalable environments, and dozens of other “urgent” priorities. What’s more, the number of security controls in place has increased dramatically over the past several years, resulting in a never-ending flood of alerts to analyze and incidents to investigate.
Unfortunately, this comes at a time when staffing pressures are at an all-time high. Before the COVID-19 pandemic, organizations invested heavily in security solutions — but recent economic pressures, staffing reductions, and management demands are making it difficult for security and IT teams to keep pace with the evolving threat landscape. With new vulnerabilities emerging faster than security teams can keep up with, many are being forced to pick and choose which exposures to address and which to set aside. This isn’t just leaving organizations open to potential attacks — it’s fatiguing security professionals and leaving them prone to burnout. As we kick off 2025, organizations will need to reevaluate how they approach security.
Embracing simplicity and automation
Two key trends have begun to emerge as organizations consider how to address the increasingly perilous security landscape. First, a growing number of organizations are embracing a “back to basics” approach to security, focusing on essential security controls and best practices and reducing the number of extraneous security solutions in place. The idea here is to reduce the security stack to a leaner, more effective toolkit. This can be a good idea — if done carefully. With so many security solutions on the market, organizations may have overlapping controls in place without even knowing it. By validating their security solutions and determining which ones are actually necessary, organizations can save money while also reducing the volume of redundant alerts security teams receive.
The second trend is no surprise: as AI and automation capabilities become more advanced, organizations are increasingly seeking to leverage autonomous security solutions. Those solutions have primarily been focused in two key areas: threat detection and response and exposure management. Today’s threat detection and response solutions tend to utilize endpoint detection and response (EDR), Security Information and Event Management (SIEM) systems, and other orchestration tools to collect data, analyze it, identify key threats, and respond accordingly. Exposure management, on the other hand, consolidates vulnerabilities and misconfigurations, prioritizing recommended actions based on unified security metrics and allowing organizations to more effectively determine which issues are critical and which can be safely deferred.
Keeping security teams focused on what matters
These growing trends are having a meaningful impact on security and IT personnel, helping to ease the burden placed upon them while also allowing them to be more effective. At a time when the ongoing cybersecurity skills shortage has made it difficult for many organizations to hire experienced security professionals, this is a significant development. The truth is, security professionals enter the field because they enjoy problem solving. They want the opportunity to think laterally, solve problems, and make a difference for their organization. Security teams don’t mind being busy — they just don’t want to be bogged down in busywork. When skilled employees are stuck performing repetitive tasks or engaging in fruitless investigations, burnout tends to come quickly.
By automating the more tedious elements of security and reducing the number of frivolous tickets and alerts, organizations are increasingly keeping their IT and security teams engaged with their work. While limiting the number of security solutions in use might seem risky, it is often the best approach. By prioritizing complementary solutions rather than overlapping ones, organizations can limit the number of duplicate alerts and ensure that security teams are focused on only the most pressing threats. This reduces response times, limiting attackers’ ability to operate freely and expand their footprint within the network. Instead of investigating perceived vulnerabilities that turn out to be safely covered by compensating controls, security teams can quickly snap into action remediating actual threats and exposures.
Getting back to basics
As AI capabilities continue to improve and automated solutions become more reliable, we can expect the trend toward automation to continue into 2025. Coupled with the trend toward a more streamlined security stack, we are likely to see security teams become leaner and meaner in the coming years, becoming increasingly effective using a smaller number of more purpose-driven solutions. Organizations are beginning to recognize that simply layering the newest, most “cutting edge” solutions atop one another isn’t always the answer — often, the best solution is the simplest one. It’s likely that organizations will look to embrace a “back to basics” approach this year, and modern, automated security solutions will help provide them with the capacity and bandwidth to do it.