By Ofer Elzam, Vice President & GM, FireMon GPC
Gone are the days when IT leaders fretted that the benefits of automation would shove people out of jobs. If anything, it’s the opposite: 74% of cybersecurity professionals say that a skills shortage has affected their organizations, continuing a trend of concern over the past few years, according to the report “The Life and Times of Cybersecurity Professionals 2018.”
While the story around the labor shortage is more complex than it may appear, the current narrative around the advantages of automation has shifted away from labor concerns. But in a way, that erstwhile concern is a direct link to the underlying current of all the benefits of automation: the human factor.
Heightened productivity, consistency and keeping up with increasingly complex security needs are solid advantages of automation, but there’s more to the story. Here’s how all of those benefits of automation (and more) ladder up to protecting your company’s most precious resource—your people.
Ready to use automation to protect your team? Request a demo of FireMon Automation today.
Automation Allows People to Do What People Do Best
Machines can be rapid, agile and comprehensive. What they can’t be: creative. When security processes are automated, the flesh-and-blood members of your team are freed up to deploy their creativity to solve problems and build more robust security measures.
The current state of security operations (SecOps) teams doesn’t allow that creativity to thrive. FireMon’s 2019 State of the Firewall report revealed that 30.9% of survey respondents had an ad hoc or manual change management process. This exposes two critical issues: an underutilization of humans’ unique abilities and the inevitability of human error.
One of the top benefits of automation is that it gives your team members more time to focus on other security issues. At the same time, it’s an opportunity for your team to map out the very processes that enable successful automation. For example, in most companies automation works best when the processes behind them are strategically planned beforehand. This is the work that humans can do better than algorithms, as it requires judgment, creativity and insight.
As automation enables human capital to thrive, it also eliminates human risk. Through 2023, 99% of firewall breaches will be caused by misconfigurations, not firewall flaws, according to Gartner—something automation helps prevent. Human error also throws a wrench when integrating security systems. A comprehensive approach like FireMon Automation offers persistent security across networks while minimizing the potential for human error.
Automation Allows Your People to Work Better Together
IT teams frequently work in silos, leading to redundancy and opportunistic, one-off approaches to security. With a comprehensive system, companies can depart from the “hero culture” of employees writing automation scripts to solve an issue without looking at the holistic picture.
Amid worries that automation inhibits agility and innovation, decision makers sometimes hedge on implementing automation. But one of the benefits of automation in the workplace is how it organically supports both development operations and security operations, eliminating the friction that can exist between the needs of these groups. Planning for automation requires both teams to work together and understand the priorities of the other, leading to better communication—for the automation plan and beyond.
Automation Supports Your Company’s Ability to Work With—and Against—Third Parties
“Hackers today—they’re not even hacking, they’re using automation tools,” said FireMon’s Tim Woods, vice president of technology alliances, in the talk “Automation: One Giant Leap for Security.”
When criminals are exploiting the benefits of automation, security teams have an obligation to outpace them. Using automated systems frees up SecOps teams to anticipate and proactively develop rules to protect against hackers—again, leveraging the human creativity and critical thinking that successful crime prevention entails.
On the flip side, automation allows your team to work with the people who have your customers’ best interests at heart. Compliance regulations are changing quicker than you can say “GDPR,” and with the California Consumer Privacy Act coming into play January 1, 2020, security rules continue to be in flux.
Only 13.8% of survey respondents in FireMon’s State of the Firewall report say they’re 90% to 100% prepared for a compliance audit. Confidence is even lower among key decision-makers: Just 45.3% of C-level respondents said they felt 60% to 80% ready for an audit. In other words, one of the benefits of building an automation system is building faith among your company’s C-suite—consider it another form of security.
ABOUT THE AUTHOR
Ofer Elzam is responsible for the continued development of FireMon GPC, the industry’s first and only solution to deliver persistent policy enforcement for complex, hybrid network environments. Before joining FireMon, Elzam was VP of product at Dome9 Security. Under his headship, Dome9 became the leader in securing multi-cloud deployments, which led to its acquisition by Check Point Software. Prior to Dome9, Elzam was the director of Sophos’ network security product line, where he led the company’s transition to the next-generation XG Firewall platform. Earlier, Elzam worked at Cisco serving as both a strategic architect of security technologies and executive director of product management, where he led ScanSafe, which was acquired by Cisco in December 2009. Elzam also spent 10 years serving in a variety of product leadership positions, including as CTO at Gemalto.