Automation Can Help IT With Security Breaches

Karen A. Frenkel Avatar

Updated on:

Automation Can Help IT With Security Breaches

Automation Can Help IT With Security BreachesAutomation Can Help IT With Security Breaches

A new study suggests automating processes so that security personnel can focus on higher-value security sleuthing.

Breaches Go UnaddressedBreaches Go Unaddressed

81% of the CISOs surveyed are very concerned that breaches are going unaddressed in their organization, and 78% are worried about their ability to detect breaches.

Problems Prioritizing Security AlertsProblems Prioritizing Security Alerts

70% of the respondents said it is difficult to prioritize security alerts based on the importance of the data attacked—a failure that could paralyze them if thousands of attacks hit them daily.

Manual Processes Are in the WayManual Processes Are in the Way

28% of CISOs said manual processes are a barrier to effective security, and 66% said they plan to automate more processes within the next three years.

Increasing Adoption of Automation TechnologiesIncreasing Adoption of Automation Technologies

30% automate more than 40% of their security processes, and 90% have automated alerts for the basics like email and phones. The complexity of tasks to be automated is expected to increase sharply in the near future.

Tasks Being Automated Today and in Three YearsTasks Being Automated Today and in Three Years

Prioritizing incidents based on business criticality: 58% today, 72% in 3 years.
Aggregating incident reporting by day/week/month: 58% today, 66% in 3 years.
Trend reporting: 54% today, 69% in 3 years.
Contextualizing and identifying business criticality of threats: 48% today, 69% in 3 years.
Aggregation of alerts or incidents from multiple security tools into one system: 40% today, 77% in 3 years.
Threat intelligence research: 34% today, 81% in 3 year

Quality and Quantity of Data Are CriticalQuality and Quantity of Data Are Critical

90% of respondents said data that flows from IT is very important in detecting and responding to breaches and that increasing automation from a common IT and security platform could improve the data flow and speed response times

Enhancing Security TalenEnhancing Security Talen

91% of the CISOs said attracting and up-skilling talent is critical to enterprise security, but only 55% said their teams have developed skills to address future threats.

Automation Doesn't Minimize People's RolesAutomation Doesn’t Minimize People’s Roles

People are critical to security. “I need someone with philosophy or psychology skills, too,” said one respondent. “I need to know why people would click on a link, or how people are thinking, in order to change how we are operating.”

Shortage of Talent Skilled in AutomationShortage of Talent Skilled in Automation

Only 9% of respondents said their company has highly developed skills in automation.

Automation Can Free Security PersonnelAutomation Can Free Security Personnel

Automation can help workers do higher-level work, such as focusing on more interesting tasks like threat hunting and remediation.

RecommendationsRecommendations

Handle alert overloads by automatically prioritizing them based on their potential impact.
Build relationships between security and other functions at the C-level and those who fight security daily.
Build a security response program that fosters communication to enable security and IT to coordinate responses more effectively.
Automate. It will increase workers’ satisfaction by freeing them to do higher-value work.

Karen A. Frenkel Avatar