Why automation is the key to the future of cyber security

Examining the perceived disadvantages and the significant truths about automation’s role in cyber security

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

In 2015 there were 781 publicized cyber security breaches which resulted in more than 169 million personal records being exposed – a number that’s steadily on the rise year over year. And with notable names like BlueCross, Harvard and Target being tossed into the mix, it’s obvious that no company is safe. Yet, only 38% of organizations across the globe can confidently say they are prepared to handle a sophisticated cyber-attack.

The numbers don’t lie. Cyber criminals are becoming savvier and their attacks are increasing faster than companies can keep up. Furthermore, it’s becoming increasingly evident that traditional methods, like anti-malware software, are no longer sufficient to keep sensitive data safe. To address this glaring need, many forward-thinking IT executives are fortifying their cyber security strategy using automation as a tool for greater defense.

Perhaps even as recent as a decade ago, the majority of organizations were adequately prepared for cyber-attacks. Today IT is up against advanced persistent threats (APTs) and, more importantly, these attacks are being spearheaded not by human assailants, but by automated bots – droves and droves of them.

Simply put, IT personnel are no match for such intensive, sustained attacks. Not only are humans incapable of keeping up with the sheer volume of incoming threats, but their ability to make quick and highly-impactful decisions to manually address such an attack is equally inefficient. This is why automation is becoming such a powerful and effective component of cyber security incident response. To combat the onslaught of incoming threats, organizations must employ an army of equivalent strength and sophistication.

Essentially, it’s fighting fire with fire – the battle of the good bots against those that aim to do your business harm.

So what’s holding companies back? Well, for starters, there are a number of concerns around incorporating automation into cyber security:

Loss of Control – In many instances, the biggest hurdle to automation is simply a perceived loss of control. In reality, the right automation tool can actually provide a greater level of visibility and enhanced oversight into the entire cyber security process.

Lack of Trust – It’s easy for a highly-skilled human worker to feel as though they are more capable of managing incident response than a machine could. Distrust of technology can be an incredibly big hurdle to overcome, but ultimately – given the shift in type, frequency and complexity of attacks – it’s a futile argument.

Fear of Change – Perhaps the biggest misconception of automation is the idea that its adoption spells the certain demise of the human workforce. What will happen when technology takes over the IR process? Will the IT department be replaced by robots? The fact is that while automation is certainly changing the way people work, its creating just about as many opportunities as it is eliminating them.

To address these perceived disadvantages, there are a number of significant truths about automation’s role in cyber security.

Uniform Strength – No military leader would march onto the battlefield with an army that is significantly smaller in size, strength or skill than its enemy. This same concept can and should be applied to the critical task of cyber security. Automation provides the ability to match incoming attacks stride for stride, affording the greatest level of protection possible.

Increased Efficiency – Adding automation into the IR process helps to streamline workflows and create a much more uniform and efficient environment. So, not only does the organization become stronger in terms of security, but it also becomes more cost-effective across the board.

Fewer Errors – Many of the most noteworthy cyber breaches in recent years have come at the hands of well-intentioned yet highly overworked humans. Even the most skilled IT professional is prone to make mistakes from time to time. Unfortunately, some errors can prove to be incredibly costly. Automation eliminates this problem by removing the human element from some or all of the process.

Better Decision Making – One of the biggest challenges IT leaders face is the monumental task of making critical business decisions on the fly. Another benefit of automation is the ability it provides to gather, analyze and prioritize crucial data at the click of a button, further enhancing the threat detection and incident management process.

With the average annual cost of cyber-attacks ranging anywhere from $38,000 for small businesses to upwards of $400 billion for global enterprises, the topic of cyber security is something that should be on the minds of every business leader today. More importantly, the strategies currently in place must be properly audited and sufficiently fortified if a company is to avoid becoming the next victim.

Despite the many misconceptions, automation is emerging as the ideal tool for streamlining and strengthening the incident response process and creating a better line of defense that will stand the test of time.

Ayehu provides IT Process Automation solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication and recovery from cyber security breaches. 

Join the CSO newsletter!

Error: Please check your email address.

More about IR

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by By Gabby Nizri, CEO, Ayehu

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts