Intelligent CISO Issue 30 | Page 28

Work needs to be done to identify which security functions are the most timeconsuming and which will deliver the most value through automation . ybersecurity is more complex than ever . Even before the chaos that has come to define this year , the volume of vulnerabilities that security teams needed to manage was becoming unbearable – the pressure to rightsize resources was increasing and the variables within the security environment ( including new cloud services , thirdparty environments and newly-deployed technology ) were stretching the security function ’ s capacity to breaking point . Now , they have to deal with all of these issues while securing distributed workforces and supporting ongoing Digital Transformation initiatives . Something has to give .
While it ’ s tempting to look at solutions that can automate specific processes , it ’ s critical for the CISO to always consider the bigger picture .

?

C

Work needs to be done to identify which security functions are the most timeconsuming and which will deliver the most value through automation . ybersecurity is more complex than ever . Even before the chaos that has come to define this year , the volume of vulnerabilities that security teams needed to manage was becoming unbearable – the pressure to rightsize resources was increasing and the variables within the security environment ( including new cloud services , thirdparty environments and newly-deployed technology ) were stretching the security function ’ s capacity to breaking point . Now , they have to deal with all of these issues while securing distributed workforces and supporting ongoing Digital Transformation initiatives . Something has to give .

One of the best ways that organisations can relieve some of this pressure is by identifying time-consuming processes that could be automated . Context-aware automation technology can be used in a host of useful ways . It can clean up and optimise firewalls , spot policy violations , assess vulnerabilities without a scan , match vulnerabilities to threats , simulate end-to-end access and attacks , proactively assess rule changes , and more . It ’ s important to note that there is no one-size-fits-all solution . Work needs to be done to identify which security functions are the most timeconsuming and which will deliver the most value through automation . Careful consideration should also be given to which automation tools are deployed . This is technology that shouldn ’ t be working in isolation .
While it ’ s tempting to look at solutions that can automate specific processes , it ’ s critical for the CISO to always consider the bigger picture . The data ingested by any automation solution should be available to be used to gain insights into an organisation ’ s wider security posture . While it ’ s true that automation , when used correctly , does a great job at increasing efficiencies , it is most valuable when it can integrate into the wider security ecosystem and deliver insights that improve decision-making capabilities . editor ’ s question
PETER MARGARIS ,
SENIOR DIRECTOR OF PRODUCT MARKETING ,
SKYBOX SECURITY

While it ’ s tempting to look at solutions that can automate specific processes , it ’ s critical for the CISO to always consider the bigger picture .

28 Issue 30 | www . intelligentciso . com