Branko Ninkovic, Founder & Executive Director at Dragonfly Technologies, AISA Sydney Branch Chair, shares his insights on why automation is the next logical step in bolstering a business’s security efforts. “Our mission, with absolute conviction and dedication, is to build a safer, connected and automated world. We are at the forefront of technology and strive to be in complete alignment through our advisory, professional services and managed services to meet today’s technology challenges, needs and drivers.”
Automation is very topical right now. What does it mean through a security lens?
Many businesses are on a digital transformation journey to increase their competitive advantage in the marketplace. Their digital footprint is increasing, as are their number of sensitive information assets and many, if not most, security budgets are not increasing at the same rate, nor will they ever likely be able to keep up.
This mismatch creates an undeniable increase in risk. With cybersecurity incidents costing businesses’ in excess of $29 billion annually, businesses need to do more to make that budget work harder, stretch further and be more efficient. Introducing automation to appropriate components of an organisation's security strategy can bring significant benefits and result in greater security coverage, continual improvement of security posture, freeing up of the team’s time from mundane activities to do more valuable tasks and reduced overall costs through being able to cover more assets with less.
How can an organisation harness automation to improve their security posture?
There is great value to be had in moving from point in time security activities to a more continuous security cycle where the security of your sensitive information assets are assessed at regular and more frequent intervals, keeping up with the rate of change of your digital infrastructure, rather than always playing catch ups. Through automation, you can carry out more regular, more frequent and greater rigorous testing to identify risk before it is even introduced.
What are the key benefits to automating security practices?
By far the most valuable standout benefit of security automation is the increased level of security coverage as your digital footprint grows along with continual improvements in your security posture by keeping up with rapid changes to your infrastructure as they happen.
So once a company automates those once manual tests, what will become of the traditional Security roles we see today? Automating your security is not about replacing current traditional security activities, rather it's about augmenting it and saving your team’s expertise for more valuable tasks. There will always be a need for human logic and thinking to tackle the complex security issues which arise and require logic to explore and exploit. That will never change. What has now become possible is the freeing up of the security team to apply deeper logical thinking to more complex issues. This is not only great for an organisation’s security risk but also in turn, increases productivity as well as job satisfaction for all involved.
Finally, for a company new to the concept, what are the first steps they would need to take on their security automation journey?
Whilst automation may look like an overwhelming task, it does not have to be. Start small and don’t try to boil the ocean. I would recommend that you identify a set of use cases and security activities which lend themselves to repetition and ones that you would like to see expanded to provide broader coverage. In addition, identify activities which are prone to human errors. All these make ideal candidates to start your automation journey to realise the business benefits for your organisation.
For more on how to automate your security processes, visit www.dragonflytechnologies.com/enterprise/automation