While cybersecurity teams are contending with rising workloads and chronic staffing issues, new research shows practitioners are still charging ahead and meeting targets.
In a new study from Tines and IDC, 88% of InfoSec leaders said their teams are exceeding targets, and a key factor here lies in the adoption of new AI tools and automation.
The study found that six-in-ten leaders work with teams consisting of 10 practitioners or fewer. However, 72% said that they'd been expected to take on more work over the last year, and a quarter said they'd had to work evenings or weekends.
Virtually all were enthusiastic about AI, with only one-in-twenty worried about their job. Notably, they want to see AI and automation eliminate business siloes, with nearly all looking to connect these tools across security, IT, and DevOps functions.
The most common AI use cases so far include manipulating security data, with around a third of teams using AI for summarization, threat intelligence analysis, or threat detection.
If they were only able to use AI and automation to free up more time, 43% said they'd use it to focus more on security policy development, with a similar number saying they'd do more on training and development, and 38% on incident response planning.
That’s easier said than done, however. Tines’ study revealed a third of security leaders are worried about the time required to train their teams on AI, with a quarter citing compliance as a problem.
Other hurdles included AI hallucinations, secure AI adoption, and slower than expected implementation times.
"Security professionals, who already face an unprecedented threat landscape in 2025, are met with the daunting task to integrate AI across their workflows," said Matt Muller, field CISO at Tines.
"Our research shows that security teams are stepping up. However, organizations must take a flexible approach to automation and AI to ensure it remains secure and effective."
Tool sprawl remains a problem in cybersecurity
A key barrier to productivity in security teams is tool sprawl, according to the study from Tines. More than half of teams typically manage 20 to 49 tools, while 23% use fewer than 20, and 22% use 50 to 99.
But only a third of security leaders said they were satisfied with their team’s tools, with a quarter struggling with poor integration, and a third reckoning their stack lacks key functionality.
"Siloed automation across departments complicates managing security programs and creates vulnerabilities, especially as less technical employees adopt these technologies," said Christopher Kissel, research vice president, security and trust products at IDC Research, which carried out the research.
"The security leaders we surveyed are strongly in favor of embracing shared automation between security and closely-knit business units like IT and DevOps to improve collaboration, strengthen security posture, streamline operations, and reduce complexity."
RELATED WHITEPAPER
Tool sprawl is a frequent complaint among IT professionals, with a report last year from Google Workspace finding that teams with ten or more security tools experienced more incidents than those with a consolidated tech stack.
That didn't stop IT leaders from introducing them, however, with nearly two-thirds admitting to adding new security tools as they go along.
MORE FROM ITPRO
- Cybersecurity skills: Addressing the gaps and challenges
- MSPs are struggling with cyber security skills shortages
- Cybersecurity is the fastest growing tech occupation in the UK
-
‘We are now a full-fledged powerhouse’: Two years on from its Series B round, Hack the Box targets further growth with AI-powered cyber training programs and new market opportunitiesNews Hack the Box has grown significantly in the last two years, and it shows no signs of slowing down
-
Law enforcement needs to fight fire with fire on AI threatsNews UK law enforcement agencies have been urged to employ a more proactive approach to AI-related cyber crime as threats posed by the technology accelerate.
-
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attackTroy Hunt, the security blogger behind data-breach site Have I Been Pwned, has fallen victim to a phishing attack targeting his email subscriber list.
-
300 days under the radar: How Volt Typhoon eluded detection in the US electric grid for nearly a yearAnalysis Lengthy OT lifespans give attackers time to penetrate networks underpinning critical infrastructure and plan future disruption
-
There’s a new ransomware player on the scene: the ‘BlackLock’ group has become one of the most prolific operators in the cyber crime industry – and researchers warn it’s only going to get worse for potential victimsNews Security experts have warned the BlackLock group could become the most active ransomware operator in 2025
-
8Base ransomware members snared in global police crackdownNews Members of the prolific 8Base ransomware gang have been snared in a joint police operation.
-
Developers can't get a handle on application security risksNews Research by Legit Security shows a majority of organizations have high risk applications in developer environments.
-
Compliant security with CDWwhitepaper Maximising the value of technology in an evolving defence sector
