automation Archives - Security IT Summit | Forum Events Ltd
Posts Tagged :

automation

How to simplify access reviews

960 640 Guest Post

By Tenfold Security

More and more cybersecurity regulations require businesses to restrict access to data on a need-to-know basis. This best practice is also known as the principle of least privilege. Put simply, it means that members of your organization should only have access to files and resources they absolutely need in order to do their job.

But how do you make sure that’s the case? How can you be certain that not a single employee at your business has more permissions than they actually need? The answer is: You have to check. Every permission in your organization must be checked through a process known as a user access review (which are also increasingly mandated by laws and security standards)

If that sounds like a logistical nightmare, that’s because it is!

Once your company reaches a certain size, it becomes virtually impossible to conduct access reviews by hand. Tracking hundreds or thousands of permissions across various systems would take so much effort that by the time you finish, you’d already be late for your next access review.

If you’re faced with having to audit every permission at your company, you need help. Especially if you’ve never gone through your access rights before.

tenfold’s identity and access management solution will actually help you in two ways: First, by automating user management, tenfold helps you eliminate unnecessary permissions, which drastically reduces the scope of your access review, as well as boosting your IT security. By defining a default set of permissions for different roles and departments (tenfold will support you in finding the optimal configuration), our IAM platform can automatically adjust permissions as needed when users switch roles, go on family leave or depart your organization.

Second, tenfold actually allows you to automate the access review process. Instead of having to manually track permissions, tenfold provides automatic notifications and a concise report, allowing you to renew or remove permissions with a single click. All settings, from the review interval to the stakeholders involved in the review, can be adjusted to your needs.

Learn more about the advantages of tenfold IAM!

Cybersecurity in Financial Services: Remaining compliant and reducing risk with automation

960 640 Guest Post

By LogRhythm

Businesses in the financial services sector have to manage enormous risk, wealth and personally identifiable information (PII), all while meeting strict regulatory requirements.  

As the proliferation of financial data continues to grow, organizations face the task of continuously protecting that information and keeping it secure, while maintaining a reputation in the financial sector. Despite this, many security teams lack the resources and funding to keep up with the evolving threat landscape and ecosystem of regulatory compliance rules.

The Complexity of Complying

For financial services organizations, cybersecurity is about minimising risk for both the customers and the business. This includes compliance, it is vital organizations reduce the possibility of further fines or other penalties by implementing security measures. 

On top of this, security teams are often attempting to mitigate threats manually, increasing effort and stress. Analysts need to eliminate the time spent writing scripts, building rules and creating reports to allow focus on evolving attacks.

Automating Processes for Financial Security

Implementing prebuilt content which is specifically mapped to the individual controls of each regulation enables instant results that do the heavy lifting for you. Combining compliance automation software with Security Information and Event Management (SIEM) gives analysts the resources to comply with necessary mandates more efficiently and effectively than previous manual processes. A SIEM platform can facilitate security teams to improve detection, mitigation and response capabilities.

Furthermore, automation systems allow workflows to be more streamlined to help analysts combat evolving threats by removing manual tasks and enriching data with contextual details consistently.

An Expanding Compliance Environment

Looking forward, the financial sector is expected to face continued vulnerabilities in its technological offerings, both online and traditional brick and mortar. With compliance automation systems at the forefront, patterns of fraudulent activity will be detected at a greater rate, increasing the likelihood of mitigation before impact. 

The compliance environment can only extend further, with more regulatory requirements coming into play. Financial organizations should be prepared for stricter security rules becoming a necessity to protecting both customer and business data.

LogRhythm’s offerings provide financial services organizations with industry-leading automation, compliance and auditing support, comprehensive reporting and protection against advanced cyberthreatsLearn more >

Four Steps to Security Automation Success

960 640 Guest Post

By Ofer Elzam, VP and GM, FireMon Cloud & Automation Solutions

Security automation projects are making headlines, with everyone looking to automate at least some portion of the policy management process. Usually, the goal is to save time and money by automating firewall administration and policy management.

However, these two categories have grown exponentially in scope and complexity in recent years, so automation projects often become much larger and time-consuming than originally intended and produce varied results.  In some less-than-stellar cases, they even collapse all together, and people revert to the original manual processes they were seeking to automate.

How can this situation be avoided? There are four steps security organizations can take to dramatically increase the likelihood of success in security automation projects, we’ll cover the first two now:

  1. Have a clear goal. Almost everyone automates to save money and improve efficiency.  But you must define more functional requirements than that – after all, there are many approaches for saving money. Focusing on a clearly defined operational goal is the key to determining the right approach, which, in turn, defines how much and where you will realize cost savings and efficiency gains. 

    What if you defined your goal to achieve a standard security process to meet a service level agreement (SLA) of 24 hours instead of the week or so it takes now? You could do this by analyzing the existing process and mitigating inefficiencies through the surgical application of automation, or even simply improving on existing manual processes.  

    Other projects like micro-segmentation, Zero Trust implementations, on-prem-to-cloud migrations, will necessitate their own functional requirements and SLAs. It is important to set goals for these projects that are realistic, while also delivering substantial cost and efficiency improvements. 
  2. Don’t try to automate everything.  Automation projects succeed when there is a clear set of success criteria and a clearly defined and achievable scope. They often fail when trying to implement a process that will work in every scenario. A good example of this is in the change-request workflow. There are two places where time and resources can be saved in a change-request workflow: better requirements (less refinement of inputs) and reducing the wait time between individuals. Better requirements are generally achieved by focused training and more intuitive system design for a select group of users. 

    User and requirement creep tends to happen when relatively infrequent processes are folded into the project. This puts security organizations in a position where they spend significant time, effort and budget on automating processes that may only be encountered once or twice a month. This can delay the overall automation project and reduce ROI once it is complete, since significant resources will be invested for only marginal gains.

    Consuming project time to customize the workflow or software for a task that takes 10 minutes twice a month not only delays the overall project, but also causes stakeholders to question the overall value of the project. 

Let’s be honest: You’re almost certainly exploring automation to save money and time. Follow our next blog, for the last two steps to build your security policy automation roadmap. 

Embrace AI, say cyber security professionals

960 640 Stuart O'Brien

The global head of security intelligence at IBM Nick Coleman has called for cyber professionals to embrace the world of Artificial Intelligence (AI) and automation.

During the Isaca CSX Europe 2017 conference in London, Coleman said that without embracing the worlds of AI and automation, security execs will be “obsolete in three of four years.”

“The threats are becoming so serious that we need to embed artificial intelligence and automation into security processes so that we can be more intelligent and efficient in our response.

“We should be looking at each of these areas and finding ways to embed AI and automation wherever it makes sense to do so to improve efficiency, and thereby improve capability and, ultimately, enable greater business resilience,” Coleman said.

Coleman added that as the cyber security world becomes more sophisticated, the number of threats will continue, highlighting the need to automate as much as possible.

Commenting on IBM’s Watson super computer and the ability of it to ingest four million security-related documents an hour, Coleman added: ““Research shows that around a third of their time is spent gathering and processing information, but this is something that can be automated.

“We already have automated planes and ships, and relatively soon we will have self-driving cars, so they should be looking to where it makes most sense to automate in cyber security to make sure they are ready for the future and have developed the skills to deliver value on top of automation.”