Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Look again at security automation

Issue 5 2022 Editor's Choice

By Hila Meller, global head of sales, BT Security.

BT began the automation journey for its security operations centres (SOCs) in 2018, with the goal to unify customer experience across them. The main learning point was “you should never try to automate a complex process that’s not fully documented and well understood.” From this starting point, there are five key considerations to apply to your security automation journey.

#1 Skills shortages should drive focus

The (ISC)2 Cybersecurity Workforce Study reported a worldwide cybersecurity skills shortage of 2.72 million people. In the face of these supply constraints, the cost of cybersecurity talent is extremely high, leading to regular churn as skilled employees leave to pursue other career opportunities. It also makes it very difficult for smaller organisations and less well-funded industries to compete for cyber talent, leading to huge security risks.


Hila Meller.

In an environment where resourcing is limited, it’s critical to consider how automation can handle the routine, the repetitive, and those tasks that are important but not urgent. It would be naïve to assume that whole tasks can be fully automated, but automating the repetitive parts frees your analysts to apply their skills in more complex ways that widen the breadth of their experience, leading to increased job satisfaction and better retention.

#2 Look at automation holistically

When looking at automation options for your organisation, you need to assess the overall value of automating each process. The goal is to use automation where it provides the most effective value, without watering down capabilities, introducing additional risk or removing necessary human oversight. Before implementing automation in your tools, be sure you’re clear on the benefits and why you’re automating. Consider all aspects of your processes, the types of threats you see, talent availability, and the costs vs. benefits of automating certain decisions.

#3 Think about the operational implications of automation

Clear communication between groups within the organisation is critical to any platform where automated change can happen. Operational teams, in particular, need to have understanding, sight, and sign-off of such systems to understand the implications. In most organisations, a human ‘in the loop’ during an initial phase, aware of how such systems operate and able to investigate any change and revert it back in moments is a wise precaution. After a period of optimisation, tuning and tweaking, confidence will grow to the point that the humans can be ‘out of the loop’ and the organisation can rely on the automation.

#4 Choose your scope and domain wisely

Deciding what areas to automate is a minefield for many organisations. For most clients starting out on the journey, we would recommend focusing initially on basic individual controls and policy enforcement capability. This area tends to be simpler, with less chance of clashes between technology areas and vendors.

Risks also vary by organisation. We’ve long advocated for building a strong understanding of the threats each organisation faces and determining responses based on the tools, techniques and procedures known to be used against them. This threat intelligence data can be one of the main drivers allowing these responses to be automated – as long as the accuracy of the data is high.

#5 Data clarity drives improvement

Having a clear view of what data is needed and the insight that it can give you is key to successfully implementing automation programmes. Be selective about security data, particularly when linked to security decision making. Security controls are generating more data points than ever before, but before we can use it, we must ingest, process and store all that information.

Collection plans and data prioritisation should be central to your data strategy. This ensures that you can consolidate and refine data to reduce volume (and therefore cost) without losing the integrity or value of the data or of the decisions that we can make. Inevitably, the data will come in many different forms and from a myriad locations and sources. Having a well thought-through data capture strategy will help deliver the most benefit down the line. With so much data on hand, being clear on validity and prioritisation is fundamental to making sure that automated decision making is accurate and predictable.

As the world becomes ever more interlinked and connected devices number in the billions, the cyber landscape will continue to increase in reach and complexity. To combat this, automation will move from a ‘nice to have’ into an essential tool that organisations can’t cope without. As a result, the importance of contextual, timely and accurate threat intelligence as an input to decision making cannot be overstated.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Standards for fire detection
SAQCC (Fire) Editor's Choice Fire & Safety Associations
With the increased number of devastating fires reported throughout South Africa, adequate and suitable fire detection cannot be overstated. SAQCC Fire will publish a series of articles in SMART Security Solutions to provide insight into fire detection requirements and importance.

Read more...
Taking fire safety seriously
G2 Fire Editor's Choice Fire & Safety Security Services & Risk Management
To gain insights into how fire systems must be designed, installed and maintained, SMART Security Solutions asked Nichola Allan, MD of G2 Fire, for some insights into the local fire market.

Read more...
The best of local and international
Technoswitch Fire Detection & Suppression Editor's Choice
SMART Security Solutions speaks to Technoswitch’s Managing Director, Brett Birch, to learn more about the company and how it serves the fire safety market in South and sub-Saharan Africa.

Read more...
Surveillance on the perimeter
Axis Communications SA Hikvision South Africa Technews Publishing Editor's Choice Perimeter Security, Alarms & Intruder Detection
Cameras have long been a feature in perimeter security, with varying reports of success and failure, often dependent on the cameras’ planning, installation and configuration, as well as their integration with other perimeter solutions and centralised management platforms.

Read more...
Onyyx wireless alarm
Technews Publishing Editor's Choice Smart Home Automation
IDS has introduced Onyyx, a wireless alarm system engineered to provide complete system control via the Onyyx app or keyring, as well as seamless installation.

Read more...
Visual verification raises the security game
Technews Publishing Inhep Electronics Holdings Videofied SA Editor's Choice Perimeter Security, Alarms & Intruder Detection
Incorporating alarm signals with live surveillance footage, visual verification enables a human observer in a control room (onsite or offsite) to gain a clear understanding of the situation, thereby facilitating informed decision-making.

Read more...
The AX Hybrid PRO Series offers reliable wired and wireless protection
Hikvision South Africa Editor's Choice Perimeter Security, Alarms & Intruder Detection Products & Solutions
Hikvision has announced the launch of a new AX Hybrid PRO alarm system with innovative Hikvision ‘Speed-X’ transmission technology. This system offers reliable wired protection while delivering expanded flexibility with seamless wireless integration.

Read more...
A critical component of perimeter security
Nemtek Electric Fencing Products Gallagher Technews Publishing Stafix Editor's Choice Perimeter Security, Alarms & Intruder Detection Integrated Solutions
Electric fences are standard in South Africa, but today, they also need to be able to integrate with other technologies and become part of a broader perimeter security solution.

Read more...
SMARTpod talks to The Risk Management Forum
SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Videos Training & Education
SMART Security Solutions recently released its first SMARTpod podcast, discussing the upcoming Risk Management Forum Conference 2024, which will be held on 26 September 2024 at the Indaba Conference Centre in Fourways, Johannesburg.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...











SMART Security Business Directory



Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.