Automation Can Help IT With Security Breaches

 
 
By Karen A. Frenkel  |  Posted 06-06-2017 Email
 
 
 
 
 
 
 
 
 
  • Previous
    Automation Can Help IT With Security Breaches
    Next

    Automation Can Help IT With Security Breaches

    A new study suggests automating processes so that security personnel can focus on higher-value security sleuthing.
  • Previous
    Breaches Go Unaddressed
    Next

    Breaches Go Unaddressed

    81% of the CISOs surveyed are very concerned that breaches are going unaddressed in their organization, and 78% are worried about their ability to detect breaches.
  • Previous
    Problems Prioritizing Security Alerts
    Next

    Problems Prioritizing Security Alerts

    70% of the respondents said it is difficult to prioritize security alerts based on the importance of the data attacked—a failure that could paralyze them if thousands of attacks hit them daily.
  • Previous
    Manual Processes Are in the Way
    Next

    Manual Processes Are in the Way

    28% of CISOs said manual processes are a barrier to effective security, and 66% said they plan to automate more processes within the next three years.
  • Previous
    Increasing Adoption of Automation Technologies
    Next

    Increasing Adoption of Automation Technologies

    30% automate more than 40% of their security processes, and 90% have automated alerts for the basics like email and phones. The complexity of tasks to be automated is expected to increase sharply in the near future.
  • Previous
    Tasks Being Automated Today and in Three Years
    Next

    Tasks Being Automated Today and in Three Years

    Prioritizing incidents based on business criticality: 58% today, 72% in 3 years. Aggregating incident reporting by day/week/month: 58% today, 66% in 3 years. Trend reporting: 54% today, 69% in 3 years. Contextualizing and identifying business criticality of threats: 48% today, 69% in 3 years. Aggregation of alerts or incidents from multiple security tools into one system: 40% today, 77% in 3 years. Threat intelligence research: 34% today, 81% in 3 year
  • Previous
    Quality and Quantity of Data Are Critical
    Next

    Quality and Quantity of Data Are Critical

    90% of respondents said data that flows from IT is very important in detecting and responding to breaches and that increasing automation from a common IT and security platform could improve the data flow and speed response times
  • Previous
    Enhancing Security Talen
    Next

    Enhancing Security Talen

    91% of the CISOs said attracting and up-skilling talent is critical to enterprise security, but only 55% said their teams have developed skills to address future threats.
  • Previous
    Automation Doesn't Minimize People's Roles
    Next

    Automation Doesn't Minimize People's Roles

    People are critical to security. "I need someone with philosophy or psychology skills, too," said one respondent. "I need to know why people would click on a link, or how people are thinking, in order to change how we are operating."
  • Previous
    Shortage of Talent Skilled in Automation
    Next

    Shortage of Talent Skilled in Automation

    Only 9% of respondents said their company has highly developed skills in automation.
  • Previous
    Automation Can Free Security Personnel
    Next

    Automation Can Free Security Personnel

    Automation can help workers do higher-level work, such as focusing on more interesting tasks like threat hunting and remediation.
  • Previous
    Recommendations
    Next

    Recommendations

    Handle alert overloads by automatically prioritizing them based on their potential impact. Build relationships between security and other functions at the C-level and those who fight security daily. Build a security response program that fosters communication to enable security and IT to coordinate responses more effectively. Automate. It will increase workers' satisfaction by freeing them to do higher-value work.
 

Most enterprises are not responding effectively to security breaches and, as a result, they face a rising risk to their financial performance, operational continuity and reputation, according to a recent study, "The Global CISO Study: How Leading Organizations Respond to Security Threats and Keep Data Safe," commissioned by workflow software provider ServiceNow and conducted by Oxford Economics. Only 19 percent of security executives surveyed said their company is highly effective at preventing breaches. They face three major vulnerabilities: difficulty in prioritizing security alerts, manual processes that are barriers to effective security, and difficulty attracting and up-skilling security talent. The report also focuses on steps organizations are taking to enhance security, such as automating routine processes. "Automating and orchestrating security response is the missing link for CISOs to radically increase the effectiveness of their security programs," said Sean Convery, general manager, Security Business Unit, ServiceNow. The report is based on responses from 300 CISOs from Australia, France, Germany, Singapore, the United Kingdom and the United States.

 
 
 
 
 
Karen A. Frenkel writes about technology and innovation and lives in New York City.

 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login Register