Companies struggle with incident response: Is automation the solution?

Reacting quickly to incidents or alerts is critical to making sure your organization can prevent or mitigate damage from a cyberattack. But those quick reactions can be hampered by some very common problems.

While you’d be hard pressed to get nine-out-of-ten IT pros to agree on just about anything, 91% of security pros in a recent Hexadite survey said that manual processes hamper their ability to handle incident response. Other challenges included:

  • monitoring incident response from end-to-end to ensure all incidents are addressed and closed (47%)
  • keeping up with the volume of external threat intelligence (46%), and
  • keeping up with the volume of security alerts.

Shortage of IT pros

Of course, the challenge of keeping up with alerts and incidents is only compounded when staff is already stretched thin. Ninety-one percent of respondents said they’re looking to increase the size of their incident response staff.

Unless and until that happens, it would seem the next best option is to automate the processes that are able to be handled better by machines than workers. According to the survey:

  • 50% of IT pros are automating or planning to automate security data collection tasks
  • 49% are using or planning to use incident response automation to reduce errors in the incident response processes, and
  • 47% are using or planning to use incident responses automation to help triage security issues.

While automated solutions may be the future of incident response, just know that no solution will be cheap or easy. Hiring for IT positions is incredibly difficult these days, and automated solutions, while freeing of your staff’s time, may require significant investments on the front-end.

Across the board, spending on incident response is set to increase in the next two years. More than half (51%) of respondents said they’re going to increase spending somewhat and 40% said they’d increase spending significantly.