Press Releases

Ponemon Institute and DomainTools Report Finds Security Automation Surges Worldwide, Complicates Hiring Needs

SEATTLE – April 15, 2019 – Today, DomainTools announced the results of its annual “Staffing the IT Security Function in the Age of Automation” report in conjunction with the Ponemon Institute. The survey analyzed the impact of automation on current IT security practices and staffing in the U.S., UK and APAC, finding that adoption is on the rise across all three regions. The U.S. is embracing automation at a faster pace than in other areas, with 79 percent of respondents saying they already use automation, or are planning to in the next three years. Overall, the U.S.-based findings demonstrate an increase in confidence in job security, and meaningful benefits brought forth by automation, including improved efficiency and productivity among security staff. Still, complexities remain in addressing the skills gap as organizations increase their use of automation.

Developments in automation tools for cybersecurity have directly influenced hiring and resource allocation among respondent organizations, two-thirds of which are global organizations with at least 1,000 employees. According to the report, nearly half of respondents (46 percent) cite an inability to properly staff their IT functions with skilled personnel, and noted that the gap in advanced cyber skills has been a driver for increasing investment in cyber automation technologies. Moreover, 73 percent of respondents based in the U.S. revealed the IT security function is typically understaffed; 70 percent of respondents in the UK and 67 percent of APAC-based respondents share these sentiments. In comparison to last year’s study, more respondents (65 percent) in the U.S. now believe that human involvement in security is important in the age of automation, with 48 percent saying automation will increase the need to hire people with more advanced technical skills.

“Within just one year, the perspective around adoption of automated technologies has notably shifted among security professionals,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “Contrary to the popular belief that the rise of automation will threaten the job market, organizations now feel these technologies will help ease the current strain on resources, and offer the potential to promote job security for highly skilled staff, while strengthening cybersecurity defenses.”

The report revealed 40 percent of teams typically spend 51-100 staff hours per day triaging and investigating alerts, and 19 percent spend more than 100 hours. Moreover, 53 percent of respondents said their organization does not have enough staff to monitor threats 24/7. The findings also indicate that automation will improve teams’ abilities to prioritize threats and vulnerabilities, and increase the speed of analyzing them. This introduces new complexities around hiring needs, as a higher level of expertise is needed to leverage automation in an impactful way. The majority of respondents indicated that the jobs most likely to be automated in the next three years are activities that require lower skill levels (e.g. log analysis, malware analysis, threat analysis), while higher tier work, such as attack simulation and threat hunting are not as widely expected to become fully automated.

“The uptick in automation adoption indicated by survey responses is promising as it illustrates the adaptability of security teams in a continually evolving security landscape,” said Corin Imai, senior security advisor, DomainTools. “While the industry is becoming more comfortable with automation, and the technology is delivering a range of benefits, such as better prioritization of threats and increased productivity, the need for experienced staff remains significant. Automated technologies will certainly augment existing expertise and alleviate some of the resource limitations organizations face, but they are not a silver bullet to fix the existing skills gap.”

Additional trends revealed in this year’s report include:

  • More than half (54 percent) of respondents say reliance on legacy IT environments prevents the adoption of automation.
  • Sixty percent of respondents surveyed report automation will be used for threat hunting in the next few years.
  • Most respondents (61 percent) do not think they will lose their jobs because of automation, with 51 percent citing its inability to replace human intuition and hands-on experience as the primary reason.
  • AI is now a trusted part of security solutions for 70 percent of respondents. Forty-three percent say AI provides an additional layer of monitoring that they don’t currently have in place.

For more information on the report, download the full set of findings online , or register to attend DomainTools’ webinar, “Staffing the IT Security Function in the Age of Automation” taking place on April 16 at 10:00amPT / 1:00pmET.


The study, Staffing the IT Security Function in the Age of Automation, conducted by the Ponemon Institute on behalf of DomainTools, analyzes how companies are addressing the problem of attracting and retaining IT security practitioners and the impact automation and artificial intelligence (AI) will have on staffing. More than 1,400 IT and IT security practitioners in the US, UK and Asia-Pac who participate in attracting, hiring, promoting and retaining IT security personnel within their companies were surveyed. The report can be downloaded here and the full data is available by request.

About DomainTools

DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at or follow us on Twitter: @domaintools.

About Ponemon Institute

Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.