Will Cyber Security Become Automated?

Bill Virtue

What We See in the Market

The adoption of security automation technologies has increased 12% year over year, with signs of further growth. The cyber security market is filled with solutions that protect users from potential harmful sources, protect business-critical servers, and protect sensitive data such as personal / private information, healthcare data, intellectual property, and credit card data. Businesses invest in technology to manage these security solutions—often times consolidating a vast amount of data into a single system to help organize and access useful information—with the goal of better understanding where they have risk or where certain traffic is coming from or going to. In many cases, the sheer quantity of data to manage is outside the capabilities of the business.

A Use Case for Automation

Consider the process of human resources (HR) onboarding new employees, an example familiar to every organization. There are a set of tasks that need to be completed to provision new employees with the assets they need to fulfil their job description. Similarly, IT goes through a set of procedures to provide the right level of access to systems and resources the new employee will need. There are solutions available that automate onboarding of employees and the provisioning of assets to employees which help to streamline these processes. This frees up resources in both HR and IT for other tasks.

The security market is starting to do the same thing. With a continued shortage of expertise needed for incident response and event management workloads, an automated process helps manage repeated workflows and delivers value to the business. One such example is SOAR (Security Orchestration Automation and Response), which helps to automate remediation workflows. This form of automation helps organizations understand how they can maximize their security investment and improve operations through automation efforts.

What Is Cyber Security Automation?

In a nutshell, security operation tasks require human intervention. These tasks can be automated, such as monitoring intrusion detection systems to search for threats. Security attacks are increasingly more advanced each day, but with the help of security software and devices, security teams can navigate through data alerts to find the many obscure threats they need to know about. Automating this process will add threat intelligence and help save time.

Benefits of Cyber Security Automation

  • Efficient and Cost Effective—Automation allows for faster data collection, making the incident management response a more dynamic, uniform, and efficient process. It also eliminates time-consuming and repeatable tasks, allowing the cyber security experts time to concentrate on creating other strategies and initiatives.
  • Fewer Errors—Automation adds artificial intelligence, increasing an organization’s analytic capabilities. It also eliminates the human element from some or all of the process, making a business more efficient and reallocating human resources to where they are most needed.
  • Optimize Decision Making—Automated activities will also identify deficiencies that can be corrected through actionable, formalized procedures, leading to a more secure environment.

Will Cyber Security Become Automated?

The answer is both yes and no. Each day, cyber attacks are becoming more numerous and sophisticated. To investigate these threats, cyber analysts need to complete manual and repetitive work. Organizations today can automate lower level, repeatable workflows—which improves security against hackers and also frees cyber security teams to focus on more productive problem-solving activities. The higher-level designing and implementing of security measures, however, will remain in the hands of human developers and systems designers. One thing is clear: any organization that values their data, devices, and users will have to continue to expand their automated tools in order to keep pace with the complexity of today’s security demands.

Bill is a Senior Systems Engineer at Connection with over 30 years of experience in Networking Solutions, Information Security, and Identity Management. Bill is a founding member of the ISSA NH chapter dedicated to promoting Information Security within the business community. Bill is also a US Navy veteran and held Operations Management positions within the Atlantic Fleet. Bill has broad knowledge in the Security and Compliance space and has consulted on large scale enterprise deployments and security projects and contributed to many technical articles and technology white papers. When he has free time, Bill enjoys catching up with family and friends and riding his Harley Davidson.