There are many places to find backward-looking statistics of how many attacks were launched in cyberspace. Forward-looking guidance areas that security managers should focus on are harder to find. In times of economic uncertainty, it is even more critical for security teams to prioritize resources to increase effectiveness and efficiency in dealing with known threats while also minimizing the risk from emerging attacks.
The problem today is that there are too many tools, too little integration among them, and more noise than a team can analyze and understand – all of which add up to less visibility into threats and less efficient security teams. Automation is supposed to solve the “tool fatigue” problem, surfacing the most critical issues by running playbooks against common threats and freeing up valuable resources for other tasks. However, expectations for automation have outpaced its capabilities to drastically reduce human intervention in security monitoring.