The Ponemon Institute recently completed a survey on ‘Staffing the IT Security Function In the Age of Automation’ in an attempt to understand the effect of automation on IT security.
- 49 % of respondents to this survey felt that automation improved the ability to prioritize threats and vulnerabilities
- 47% felt it increased the productivity of current security professionals
While these numbers are encouraging, for advocates of automation in cybersecurity, the other findings are slightly contradictory –
- 65% of respondents still maintained that human involvement in security remained important in an age of automation
- 56% felt that the main barrier to adopting automation was the lack of in-house expertise, exemplified by the rapid talent shortage faced by the industry.
Automation, a necessity
For enterprises dealing with cyber threats on a day-to-day basis, automation is not just a concept of the future anymore; it is becoming a necessity. Vast numbers of cyberattacks are also delivered via automated methods by attackers.
To fight against this relentless array of threats, enterprises will have no choice but to turn to incorporate automation in their adoption of AI-based cybersecurity methods.
For such an approach to work though, it is important for CISOs of enterprises to ensure that the entire company is aligned. Like most aspects of any artificial intelligence solution, automation takes time to succeed and will not produce instant results. It works on the basis of good data — the better data it is fed, the better it will get at analyzing data and automating time-consuming manual activities.
Turning Data into Actionable Insights
Enterprises have the capacity to collect vast amounts of data but much of that data may not be actionable due to its sheer scale and size. It is important for data to be correlated and sequenced to match it with threat intelligence, both inside and outside the organization. Furthermore, it is not feasible to assign this task manually.
Automation enables security teams to make sense of data, understand patterns and use the data to garner actionable insights which can help the enterprise understand their threat environment better.
Stopping attacks before they cause damage
Threat mitigation has become an important component of enterprises’ cybersecurity approach due to the fact that threats are many and varied in nature and it is not feasible to block all of them. The focus has shifted to damage prevention and isolation of threats. However, this is an approach which requires automation as manual prevention methods cannot be devised for new threats. In such a scenario, automation tools can identify threats within networks and quickly create response mechanisms to isolate and negate threats.
The human factor
As the results of the survey mentioned at the beginning of this article outlined, automation will never replace cybersecurity completely as the human aspect plays a very important role. Enterprises will continue to require highly specialized cybersecurity employees who will be able to use automation tools effectively to unlock the full value of this powerful tool. Enterprises must continue to invest in the workforce and upskill them in automation.
Seqrite’s vision has driven us to rapidly integrate Artificial Intelligence in our entire product suite. GoDeep.AI which is our proprietary AI-powered malware hunting technology has furthered our already superior enterprise cybersecurity products.