3 reasons why security automation is as cool as blockchain

When security teams take advantage of automation, they can rapidly triage alerts, investigate incidents, contain threats, and protect their companies and customers faster than ever before.


In October 2017, Forrester published one of its most popular reports, The Top 10 Technology Trends To Watch: 2018 to 2020.

According to the report, a “dawning trend” is that automated security intelligence and breach response will unshackle security and risk. The other trends given the same position were: IoT will shift computing toward the edge; distributed trust systems (i.e., blockchain, cryptocurrencies, and distributed ledgers) will challenge centralized authorities; and employee experience will redefine apps. Is security automation as big a deal as IoT and blockchain? Yes! It’s time to start paying attention.

Let’s take a closer look at why we believe security automation will be such an important trend in 2018.

1. Organizations are buried by an avalanche of security alerts

Companies often use dozens of security products aimed at protection and detection. These systems funnel an ever-growing number of alerts and incident notifications to security teams. Most organizations use spreadsheets and email to manage the response to all these alerts. If a security organization can’t keep up with the volume of work, the typical solution is to add manpower. This approach cannot scale, because manpower can’t grow fast enough to keep pace with the growing volume of alerts. As a result, enterprises are slow to triage and mitigate security issues. They also run the risk of a critical alert or response task getting overlooked or lost in the noise.

2. Breach containment lags due to manual processes

93 percent of cybersecurity professionals report that their efficiency is limited by manual processes. A huge portion of this manual work is related to triaging incidents. Every time an alert pops up, the security professional must research internal and external systems for context, criticality, who was impacted, and more. This can take minutes or hours. Multiply that by a thousand alerts a day and it’s easy to see how security teams run out of hours in a day. Fundamentally, we need a better way to keep up with the volume of security alerts because process bottlenecks are preventing organizations from scaling security response. 

3. Organizations can’t keep up with the vulnerability backlog

As digital transformation takes hold, enterprises increasingly rely on technology, and those systems need patching. Over time, organizations develop extensive vulnerability backlogs with little insight into which vulnerabilities should be prioritized. The reality is that vulnerabilities leave critical systems open to potential attackers. Only 61 percent of vulnerabilities are remediated within a month; the rest are likely to be delayed, deferred, or never remediated. This puts many organizations in the position of accumulating security debt as time goes on.

Fight fire with fire

Security teams have always leveraged spreadsheets, emails, phone calls and over-the-shoulder conversations. This approach doesn’t scale and limits response velocity. Because we’ve known no other approach, we think these are the best ways to deal with security alerts and breaches. This is not the solution for today – it is part of the problem. When minutes or hours can mean the difference between a thwarted attack and a security breach, inefficient and time-consuming response methods are putting organizations at risk. If your security incident or vulnerability response starts with a conference call or a meeting, you’ve already lost.

When security teams take advantage of automation, they can rapidly triage alerts, investigate incidents, contain threats, and protect their companies and customers faster than ever before.

Copyright © 2018 IDG Communications, Inc.
