Architecture, Cloud, Strategy

How to leverage security automation to accelerate digital transformation

SC StaffJanuary 12, 2021
Shell uses analytics to anticipate downtime at drilling facilities, saving time and money on inventory management. Todays columnist, Karl Van den Bergh of Gigamon, says companies can take a step further with analytics and leverage them to automate security processes. (Credit: Photographic Services, Shell International Limited)
  • Achieve pervasive visibility. This visibility must span on-premises, private, public and multi-cloud environments in a consistent way, leveraging a common visibility architecture. Cloud initiatives have been accelerated to support the distributed workforce, putting an incredible amount of stress on the InfoSec team and infrastructure. As more companies adopt a hybrid cloud approach, having a clear line of sight into the network and application layers becomes increasingly important. Maximizing visibility ensures an uninterrupted view of all the data, applications, and users on a company’s physical, virtual, and cloud network. In the past, visibility has often been deployed ad-hoc, in support of a single tool project, but with visibility deployed first, multiple tools can see, monitor and secure the network.
  • Glean intelligence from that visibility. Applying data-driven analytics helps InfoSec teams make better decisions and automate their workflows. In fact, a Ponemom report found that 60 percent of IT leaders said automation helps to reduce the stress of their organization’s IT team. Now’s a good time to use insights from this aggregated data to understand potential bottlenecks in the infrastructure, such as security tools with irrelevant application traffic that are compromising tool effectiveness, and simplify them. Or to deliver insight-driven recommendations to incident responders as to the most effective next steps in mitigating the potential impact of a detected threat. 
  • Embrace automation. As InfoSec teams are forced to do more with less, automating mundane tasks becomes critical. Automating the intelligence gathered in the previous step frees up the InfoSec team to focus on the larger challenges and risks at hand. Configuration deployment has been an important area of focus for automation in the past and management tasks get even easier as we connect systems to orchestration. In the past, optimizing the delivery of data to service triage and performance management tools was complex, but it happens automatically today. We forget how much of this we have automated in the last decade. The fabric mindset offers a key benefit: use information-in-motion, collected and transformed efficiently, to drive increasingly more valuable insights, such as application intelligence or the identification of threats traversing the network with as little human intervention as possible.
  • Invest in human resources and capital. Even with an increase in automated tools and technologies, it’s still important to have skilled, experienced teams to analyze data and insights. When human talent and knowledge gets combined with automated insights, companies can maximize the benefits from the increased visibility.
  • Rethink security protocols to reflect today’s environment. We must adjust our tools, policies and IT infrastructures to meet the growing network demands caused by the global move to remote work this past year. Even when we do return to the office, a hybrid model with most still working remotely will become the new reality. We must ensure we can keep organizations secure remotely, in the office, or wherever employees might happen to work.