This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.
In 2015 there were 781 publicized cyber security breaches which resulted in more than 169 million personal records being exposed – a number that’s steadily on the rise year over year. And with notable names like BlueCross, Harvard and Target being tossed into the mix, it’s obvious that no company is safe. Yet, only 38% of organizations across the globe can confidently say they are prepared to handle a sophisticated cyber-attack.
The numbers don’t lie. Cyber criminals are becoming savvier and their attacks are increasing faster than companies can keep up. Furthermore, it’s becoming increasingly evident that traditional methods, like anti-malware software, are no longer sufficient to keep sensitive data safe. To address this glaring need, many forward-thinking IT executives are fortifying their cyber security strategy using automation as a tool for greater defense.
Perhaps even as recent as a decade ago, the majority of organizations were adequately prepared for cyber-attacks. Today IT is up against advanced persistent threats (APTs) and, more importantly, these attacks are being spearheaded not by human assailants, but by automated bots – droves and droves of them.
Simply put, IT personnel are no match for such intensive, sustained attacks. Not only are humans incapable of keeping up with the sheer volume of incoming threats, but their ability to make quick and highly-impactful decisions to manually address such an attack is equally inefficient. This is why automation is becoming such a powerful and effective component of cyber security incident response. To combat the onslaught of incoming threats, organizations must employ an army of equivalent strength and sophistication.
Essentially, it’s fighting fire with fire – the battle of the good bots against those that aim to do your business harm.
So what’s holding companies back? Well, for starters, there are a number of concerns around incorporating automation into cyber security:
Loss of Control – In many instances, the biggest hurdle to automation is simply a perceived loss of control. In reality, the right automation tool can actually provide a greater level of visibility and enhanced oversight into the entire cyber security process.
Lack of Trust – It’s easy for a highly-skilled human worker to feel as though they are more capable of managing incident response than a machine could. Distrust of technology can be an incredibly big hurdle to overcome, but ultimately – given the shift in type, frequency and complexity of attacks – it’s a futile argument.
Fear of Change – Perhaps the biggest misconception of automation is the idea that its adoption spells the certain demise of the human workforce. What will happen when technology takes over the IR process? Will the IT department be replaced by robots? The fact is that while automation is certainly changing the way people work, its creating just about as many opportunities as it is eliminating them.
To address these perceived disadvantages, there are a number of significant truths about automation’s role in cyber security.
Uniform Strength – No military leader would march onto the battlefield with an army that is significantly smaller in size, strength or skill than its enemy. This same concept can and should be applied to the critical task of cyber security. Automation provides the ability to match incoming attacks stride for stride, affording the greatest level of protection possible.
Increased Efficiency – Adding automation into the IR process helps to streamline workflows and create a much more uniform and efficient environment. So, not only does the organization become stronger in terms of security, but it also becomes more cost-effective across the board.
Fewer Errors – Many of the most noteworthy cyber breaches in recent years have come at the hands of well-intentioned yet highly overworked humans. Even the most skilled IT professional is prone to make mistakes from time to time. Unfortunately, some errors can prove to be incredibly costly. Automation eliminates this problem by removing the human element from some or all of the process.
Better Decision Making – One of the biggest challenges IT leaders face is the monumental task of making critical business decisions on the fly. Another benefit of automation is the ability it provides to gather, analyze and prioritize crucial data at the click of a button, further enhancing the threat detection and incident management process.
With the average annual cost of cyber-attacks ranging anywhere from $38,000 for small businesses to upwards of $400 billion for global enterprises, the topic of cyber security is something that should be on the minds of every business leader today. More importantly, the strategies currently in place must be properly audited and sufficiently fortified if a company is to avoid becoming the next victim.
Despite the many misconceptions, automation is emerging as the ideal tool for streamlining and strengthening the incident response process and creating a better line of defense that will stand the test of time.
Ayehu provides IT Process Automation solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication and recovery from cyber security breaches.