Automation Can Help IT With Security Breaches
-
Automation Can Help IT With Security Breaches
A new study suggests automating processes so that security personnel can focus on higher-value security sleuthing. -
Breaches Go Unaddressed
81% of the CISOs surveyed are very concerned that breaches are going unaddressed in their organization, and 78% are worried about their ability to detect breaches. -
Problems Prioritizing Security Alerts
70% of the respondents said it is difficult to prioritize security alerts based on the importance of the data attacked—a failure that could paralyze them if thousands of attacks hit them daily. -
Manual Processes Are in the Way
28% of CISOs said manual processes are a barrier to effective security, and 66% said they plan to automate more processes within the next three years. -
Increasing Adoption of Automation Technologies
30% automate more than 40% of their security processes, and 90% have automated alerts for the basics like email and phones. The complexity of tasks to be automated is expected to increase sharply in the near future. -
Tasks Being Automated Today and in Three Years
Prioritizing incidents based on business criticality: 58% today, 72% in 3 years. Aggregating incident reporting by day/week/month: 58% today, 66% in 3 years. Trend reporting: 54% today, 69% in 3 years. Contextualizing and identifying business criticality of threats: 48% today, 69% in 3 years. Aggregation of alerts or incidents from multiple security tools into one system: 40% today, 77% in 3 years. Threat intelligence research: 34% today, 81% in 3 year -
Quality and Quantity of Data Are Critical
90% of respondents said data that flows from IT is very important in detecting and responding to breaches and that increasing automation from a common IT and security platform could improve the data flow and speed response times -
Enhancing Security Talen
91% of the CISOs said attracting and up-skilling talent is critical to enterprise security, but only 55% said their teams have developed skills to address future threats. -
Automation Doesn't Minimize People's Roles
People are critical to security. "I need someone with philosophy or psychology skills, too," said one respondent. "I need to know why people would click on a link, or how people are thinking, in order to change how we are operating." -
Shortage of Talent Skilled in Automation
Only 9% of respondents said their company has highly developed skills in automation. -
Automation Can Free Security Personnel
Automation can help workers do higher-level work, such as focusing on more interesting tasks like threat hunting and remediation. -
Recommendations
Handle alert overloads by automatically prioritizing them based on their potential impact. Build relationships between security and other functions at the C-level and those who fight security daily. Build a security response program that fosters communication to enable security and IT to coordinate responses more effectively. Automate. It will increase workers' satisfaction by freeing them to do higher-value work.
Most enterprises are not responding effectively to security breaches and, as a result, they face a rising risk to their financial performance, operational continuity and reputation, according to a recent study, "The Global CISO Study: How Leading Organizations Respond to Security Threats and Keep Data Safe," commissioned by workflow software provider ServiceNow and conducted by Oxford Economics. Only 19 percent of security executives surveyed said their company is highly effective at preventing breaches. They face three major vulnerabilities: difficulty in prioritizing security alerts, manual processes that are barriers to effective security, and difficulty attracting and up-skilling security talent. The report also focuses on steps organizations are taking to enhance security, such as automating routine processes. "Automating and orchestrating security response is the missing link for CISOs to radically increase the effectiveness of their security programs," said Sean Convery, general manager, Security Business Unit, ServiceNow. The report is based on responses from 300 CISOs from Australia, France, Germany, Singapore, the United Kingdom and the United States.