The role of automation in cybersecurity
12 August 2021

The old proverb, Fight fire with fire, is taking on new meaning in the battle CISOs and CIOs are waging against increasingly well-resourced and dangerous cybercriminals. These cybercriminal syndicates—often linked to state actors—have been rapid adopters of emerging technologies like machine learning and artificial technologies. In particular, they are using the power of automation to develop new threats and mount massive attacks.

Humans stand no chance against the sheer scale and power of these attacks, and smart CISOs and CIOs are turning to the same tools to turn the tide, and support their overstretched security teams. The figures show that security automation technologies are growing at a rate of 12% year on year, with faster growth to be expected.

However, in order to be successful, automation efforts need to be carefully thought through.

First of all, it’s wise to understand what automation actually is and how it could play a role in an organisation’s cybersecurity efforts.

Consider the onboarding of new employees, a process that every company has to undertake: it entails a set of processes that are at base routine—collecting personal details, ensuring new hires get the right equipment, introducing them to the appropriate people, setting up their IT profiles and so on. Overseeing this set of processes ties up many hours of HR time, and of course risks certain components being mistimed or missed out altogether. Smart developers are creating applications that allow companies to create an onboarding process that works for them, and then automate the workflows so that everybody concerned does what is needful at the right time. The process is replicable and optimisable, and yet the cost goes down.

The results are good, with time to productivity reduced by 35% and employee retention rates enhanced. And, of course, the HR staff are freed up to concentrate on adding value rather than pushing bits of paper around.

Automation is changing the game in all sorts of other areas, with insurance and auditing two sectors in which automation is both taking on repetitive tasks and bringing new levels of efficiency.

Many of the same principles hold true when it comes to cybersecurity. Automation can help immeasurably in the following areas:

  • Reduce errors. Automation harnesses artificial intelligence coupled with the processing power of the cloud. It makes it much easier for the organisation to analyse large amounts of data, including external data relating to new threats in the wild, with a speed and accuracy that a human could not match.
  • Get the routine stuff done reliably and regularly. It’s a bitter truth that when IT departments try to do everything themselves, the vital routine things often get omitted in favour of putting out fires. These routine, housekeeping tasks are perfect candidates for automation, and the benefits can be astonishing. For example, the WannaCry ransomware attack that took place in 2017 targeted Microsoft Windows, and before it was shut down infected more than 200 000 computers across 150 countries, causing damage estimated to be in the billions of dollars. Here’s the kicker: Microsoft had already issued a patch, but many had failed to apply it for a variety of reasons, one of which was inevitably a lack of time.
  • Save time. A related benefit is that automation saves time, leading to quicker responses to perceived threats or an actual attack. In cybersecurity, time is of the essence and, chillingly, many companies take months even to discover they have been hacked—or never do.
  • Better decision-making. Automation not only reduces errors and saves time, it also can assist in identifying areas for improvement, either in the security posture or, more generally, in overall business process architecture. Automated tools are always on the watch, and by identifying potential vulnerabilities, they can enhance the organisation’s ability to withstand—and respond to—an attack.
  • Save money. With automation, much more work gets done but not by expensive humans.

Finally, it’s worth reiterating the point that security automation is not about replacing humans but rather supporting them. For the foreseeable future, it is humans who will have to design and implement security measures, and oversee everything. The exercise of judgement and assessment of strategy remain beyond the reach of machines as yet, but they certainly have a role to play.

Our product portfolio offers comprehensive solutions for IT Security, Infrastructure and Enterprise Software. Tufin is a leading vendor in automation enabling organisations to automate their network security. With over 2000 active customers across the globe, Tufin empowers organisations through automation, helping them eliminate the security bottleneck and increase business agility.

About DataGroutIT

DataGroupIT is Africa’s leading Value-Added Distributor (VAD). By partnering with the best selection of established and emerging technology vendors across the globe, we, provide complex solutions for any size business, including Enterprise and SME markets across the African continent.

We are fully committed to our business partners. Channels & vendors success is our #1 mission. Our professional teams across Africa deliver exceptional sales, presale, logistic, marketing and financial support that create the ultimate platform to accelerate our business partners’ success.

Contact Us today to find out more.

 

Post by: DGITUser
More Articles from Articles
Curbing Shadow IT in your organisation

Curbing Shadow IT in your organisation

“Shadow IT refers to (the use of) IT devices, software and services outside the ownership (approval) or control of IT organisations.” – Gartner The above definition gives the idea that Shadow IT can only be carried out by malicious actors when it...

read more
Understanding the mechanics of a data breach

Understanding the mechanics of a data breach

Definition: A data breach is a cyber-attack in which sensitive or confidential data has been accessed or disclosed to an unauthorised individual or software system. Data breaches normally come in the form of exposed customer credit card numbers,...

read more
The key to effective SaaS Asset Management

The key to effective SaaS Asset Management

Increasing levels of remote work and the accompanying migration to the cloud has seen a renewed emphasis on data protection, proactive threat monitoring and IAM (Identity & Access Management). The last 2 years have solidly established the fact...

read more