Automation Can Help IT With Security Breaches
A new study suggests automating processes so that security personnel can focus on higher-value security sleuthing.
81% of the CISOs surveyed are very concerned that breaches are going unaddressed in their organization, and 78% are worried about their ability to detect breaches.
70% of the respondents said it is difficult to prioritize security alerts based on the importance of the data attacked—a failure that could paralyze them if thousands of attacks hit them daily.
28% of CISOs said manual processes are a barrier to effective security, and 66% said they plan to automate more processes within the next three years.
30% automate more than 40% of their security processes, and 90% have automated alerts for the basics like email and phones. The complexity of tasks to be automated is expected to increase sharply in the near future.
Prioritizing incidents based on business criticality: 58% today, 72% in 3 years.
Aggregating incident reporting by day/week/month: 58% today, 66% in 3 years.
Trend reporting: 54% today, 69% in 3 years.
Contextualizing and identifying business criticality of threats: 48% today, 69% in 3 years.
Aggregation of alerts or incidents from multiple security tools into one system: 40% today, 77% in 3 years.
Threat intelligence research: 34% today, 81% in 3 years.
90% of respondents said data that flows from IT is very important in detecting and responding to breaches and that increasing automation from a common IT and security platform could improve the data flow and speed response times.
91% of the CISOs said attracting and up-skilling talent is critical to enterprise security, but only 55% said their teams have developed skills to address future threats.
People are critical to security. “I need someone with philosophy or psychology skills, too,” said one respondent. “I need to know why people would click on a link, or how people are thinking, in order to change how we are operating.”
Only 9% of respondents said their company has highly developed skills in automation.
Automation can free workers for higher-level, more interesting work such as threat hunting and remediation.
Handle alert overloads by automatically prioritizing them based on their potential impact.
Build relationships between security and other functions, both at the C-level and among those who deal with security daily.
Build a security response program that fosters communication to enable security and IT to coordinate responses more effectively.
Automate. It will increase workers’ satisfaction by freeing them to do higher-value work.