The Impact of Security Automation on Hiring Trends
Compiling data drawn from surveys sent out to more than a thousand IT and IT security practitioners within the UK and US, the Ponemon Institute, in collaboration with DomainTools, have recently published their insights in the report titled “Staffing the IT Security Function in the Age of Automation”.
Will automation shrink IT security functions’ headcount?
According to the report, more than half of the respondents (51%) believe that automation will lead to a loss of employment opportunities within the security field. This mentality seems to have shifted quite dramatically as it has risen by 30% in comparison to the results obtained last year. Between the UK and the US, however, it would appear that this rising belief is especially pronounced among the UK respondents, with 56% answering that it would reduce headcount, compared to 45% of US respondents. Correlating with this belief, is the upsurge of concern that they may be made redundant due to automation, from 28% to 37% in the last year alone. Yet, despite these fears, around 1 in 7 organisations’ IT security functions are understaffed.
Humans won’t become obsolete
While most respondents agree that automation has the benefit of freeing IT security staff from the more mundane tasks to focus on resolving serious vulnerabilities, there is still an underlying understanding that the role of humans is indispensable. Indeed, only 40% of respondents trust automation to reduce human error and 74% insist that automation is not capable of accomplishing certain tasks done by IT security staff. In this way, it looks as if the sentiment towards automation is bittersweet.
Nevertheless, rather than the loss of bodies within the sector, Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, responds with optimism. He states that “What is more likely is for there to be a consolidation of existing roles, rather than an elimination. This means better opportunities for employees to up-level their current skills to create more value-added roles as the human side of security remains as important as ever.”