The majority of IT decision-makers think the average cybersecurity professional wastes as much as 10 hours a week due to inadequate software.
According to a LogRhythm-sponsored survey of 751 IT decision-makers from the US, UK and Asia/Pacific, more than one-third of them also say their teams spend at least three hours a day on tasks that could be handled by better software.
The study, conducted by Widmeyer, further found that an overwhelming majority (88%) of respondents view insider threats as a dangerous and growing concern in defending their organizations.
The results come as the cybersecurity workforce is failing to keep up with demand. By 2021, there are estimated to be an astounding 3.5 million unfilled cybersecurity positions worldwide.
Many cybersecurity pros are working longer hours to compensate for the inefficiency and a lack of filled positions: Spiceworks found that knowledge workers like IT professionals worked on average 52 hours a week.
“The proliferation and innovation of business-enabling technology combined with the speed of today’s advanced hackers to adopt and adapt to the latest technology is making it increasingly difficult—if not impossible—for security teams to evolve their rapid threat detection and response capabilities as quickly as their adversaries,” said James Carder, chief information security officer (CISO) and vice president of LogRhythm Labs.
Artificial intelligence (AI) has been floated as a critical weapon that organizations can use to fight the cyber-war. The study asked about participants’ attitudes toward AI, and found that IT executives in the US believe that AI “will be the biggest game-changer for security over the next several years”. Decision-makers expect that faster threat detection will be the No 1 benefit of cloud-based AI security, followed by superior data analysis and improved collaboration.
Today, less than half of all the organizations surveyed use some form of AI to combat cyberthreats. Among organizations that do rely on AI, more than 90% believe it has improved the effectiveness of their cybersecurity operations.