Palo Alto Networks Inc. conducted a recent survey that studied about 1,300 c-level executives globally across various industries and organizations. The survey tracks the latest trends and themes in cybersecurity, including the growing need for automation.

The lack of skills in the cybersecurity industry is a genuine and challenging problem. Many organizations are turning to process automation and AI to fill this gap. With automation, cybersecurity manual tasks can now be much easier to tackle with machines than humans. This puts the cybersecurity skills shortage in a different light, according to Zeynep Ozdemir (pictured), chief marketing officer of Palo Alto Networks.

“North America [survey] responders said: ‘We’re automating more, we’re using more AI, we’re using more process automation to make sure we do the heavy lifting with machines and then only present to the people with what they’re very good at … making judgments,'” she said. “In the other parts of the world, the top answer to that question of how you’re tackling cybersecurity skill shortage was: ‘We’re trying to provide higher wages and better benefits to the existing people.’ I think the world is moving towards the former, which is let’s do as much as we can with AI and machines and automation.”

Ozdemir spoke with theCUBE industry analyst Lisa Martin and Dave Vellante at Ignite ’22, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. (* Disclosure below.)

They discussed the Palo Alto survey, executive discussions and difficulties, skills gaps in cybersecurity, and security awareness. [The following content has been condensed for clarity.]

Martin: Industries and organizations are saying that hybrid work and remote work became status quo. What are some of the things that you think the survey really demonstrated that validate the direction that Palo Alto Networks is going in? 

Ozdemir: One of the most significant stats or data points we’ve seen was that out of everybody interviewed, 96% of participants had experienced one or more cybersecurity breaches in the past 12 months. That was more than what we expected. And then 57% of them experienced three or more. So those stats are worth sharing in terms of where the state of cybersecurity is. It was also personally interesting to me that 33% of them experienced an operational disruption due to a breach, which is a big number. 

Vellante: Early in the pandemic, we saw a real shift — because of hybrid work — towards endpoint security, cloud security. Organizations were rearchitecting their networks, with a new focus on different thinking about network security and identity. Was there a knee-jerk reaction to get point tools to plug some of those holes? 

Ozdemir: I’ll give you a data point from the survey that answers this question. When we asked these executives what keeps them up at night, what’s their biggest concern? A significant majority of them said, ‘Oh, we’re having difficulty with data management.’ And what that means is that all these tools they’ve deployed generate a lot of insights and data, but they’re disconnected, right? So there is no one place where you can look at it holistically and come to conclusions very fast about how threat actors are moving in an organization. 

So that’s a direct result of this proliferation of tools. And you’re right … it’s a natural thing to deploy products very quickly. But then you have to take a step back and say, ‘How do I make this more effective? How do I bring things together, bring all my data together to be able to get to threats and detect threats much faster?’

Martin: You found a lack of alignment between the boards and the executive levels. How are you helping facilitate that alignment? 

Ozdemir: We have a big role in helping security executives communicate better with boards and C-level executives in their organizations. Because, as we said, it’s a very complex topic and it has to be taken from two angles when there’s … a board-level discussion. One, how are you reducing risk and making sure that you’re resilient? Two, what do you think about return on investment; what’s the right level of investment, and is that investment going to get us the return we need? 

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of Ignite ’22:

(* Disclosure: TheCUBE is a paid media partner for Ignite ’22. Neither Palo Alto Networks Inc., the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE