While cybersecurity teams are contending with rising workloads and chronic staffing issues, new research shows practitioners are still charging ahead and meeting targets.
In a new study from Tines and IDC, 88% of InfoSec leaders said their teams are exceeding targets, and a key factor here lies in the adoption of new AI tools and automation.
The study found that six-in-ten leaders work with teams consisting of 10 practitioners or fewer. However, 72% said that they'd been expected to take on more work over the last year, and a quarter said they'd had to work evenings or weekends.
Virtually all were enthusiastic about AI, with only one-in-twenty worried about their job. Notably, they want to see AI and automation eliminate business siloes, with nearly all looking to connect these tools across security, IT, and DevOps functions.
The most common AI use cases so far include manipulating security data, with around a third of teams using AI for summarization, threat intelligence analysis, or threat detection.
If they were only able to use AI and automation to free up more time, 43% said they'd use it to focus more on security policy development, with a similar number saying they'd do more on training and development, and 38% on incident response planning.
That’s easier said than done, however. Tines’ study revealed a third of security leaders are worried about the time required to train their teams on AI, with a quarter citing compliance as a problem.
Other hurdles included AI hallucinations, secure AI adoption, and slower than expected implementation times.
"Security professionals, who already face an unprecedented threat landscape in 2025, are met with the daunting task to integrate AI across their workflows," said Matt Muller, field CISO at Tines.
"Our research shows that security teams are stepping up. However, organizations must take a flexible approach to automation and AI to ensure it remains secure and effective."
Tool sprawl remains a problem in cybersecurity
A key barrier to productivity in security teams is tool sprawl, according to the study from Tines. More than half of teams typically manage 20 to 49 tools, while 23% use fewer than 20, and 22% use 50 to 99.
But only a third of security leaders said they were satisfied with their team’s tools, with a quarter struggling with poor integration, and a third reckoning their stack lacks key functionality.
"Siloed automation across departments complicates managing security programs and creates vulnerabilities, especially as less technical employees adopt these technologies," said Christopher Kissel, research vice president, security and trust products at IDC Research, which carried out the research.
"The security leaders we surveyed are strongly in favor of embracing shared automation between security and closely-knit business units like IT and DevOps to improve collaboration, strengthen security posture, streamline operations, and reduce complexity."
Tool sprawl is a frequent complaint among IT professionals, with a report last year from Google Workspace finding that teams with ten or more security tools experienced more incidents than those with a consolidated tech stack.
That didn't stop IT leaders from introducing them, however, with nearly two-thirds admitting to adding new security tools as they go along.
MORE FROM ITPRO
