IT Spend in 2023: Why Automation Will be the Hero
A survey of 213 cybersecurity executives in the U.S. found that automation was top of mind for efficiency, efficacy, and cost cutting measures. According to the CISO Priorities Flashcard, 86% of cybersecurity leaders are prioritizing automating threat detection and response, and 84% are prioritizing integrating and automating cybersecurity capabilities with new and existing technologies.
Given the state of cybersecurity staffing, the current economic climate, and greater pressure on security teams, it’s no wonder security executives are thinking about how to incorporate automation.
In this post, we’ll explore how the tighter economy is shifting how cybersecurity executives approach running an optimized and efficient organization.
Optimization is a word that carries a lot of weight. Per the Merriam-Webster Dictionary, “optimization” is:
: an act, process, or methodology of making something (such as a design, system, or decision) as fully perfect, functional, or effective as possible
specifically : the mathematical procedures (such as finding the maximum of a function) involved in this
But what is “perfect” when it comes to cybersecurity? Can we really design “perfect” systems? Perhaps, but the “perfect” system from a security point of view won’t be usable. Can we really make “perfect” decisions about cybersecurity, knowing that threat actors can and will change their tactics at any time? No, we can’t.
This is the conundrum of cybersecurity. “Perfect” can’t exist in this space, and “fully functional” and “effective as possible” are relative. Yet, a few things ring true to most cybersecurity practitioners.
Cybersecurity job requisitions remain vacant while the number of deployed technologies and amount of data that requires security governance continues to climb.
Threat actors aren’t slowing down their assaults on good people, and they’re employing automation to create greater efficiencies for themselves.
The sheer number of system and software vulnerabilities is overwhelming.
The economy is forcing businesses to be more vigilant about spending.
All of this adds up to the need to optimize—time, resources, tasks, and spending. While different companies and security teams will have differing priorities, resource needs, and constraints, there are a few constants in security; one of them is that automation of menial, monotonous, or low-level tasks can be a tremendous tool for ensuring greater efficacy and efficiency.
Automation for staffing struggles
When it comes to cost management, CISOs are already operating with a staff deficit. Many security teams are understaffed and overworked, so cutting people isn’t a viable option. As such, CISOs need to focus on greater workflow efficiency. Automation is the answer. The good news is that many of today’s commercially available security tools have automation built in. From threat detection to incident investigation and remediation, many commercial-off-the-shelf tools offer automated capabilities “out of the box,” therefore freeing up operators’ time for more strategic and impactful work.
Automation is a force multiplier. It allows the machines to churn through mountains of data quickly and surface results to the humans, who are better suited for sentient analysis and business-specific decision making. Automation offers faster, actionable information, giving the business clearer insight to patterns and threats not easily identified by humans in short time spans. Some of the more common automated analytical capabilities built into tools include:
Asset discovery
Data correlation
Data enrichment
Anomaly and threat detection
Alert investigation
Enforcement/remediation actions
Teams using tools that are absent automation capabilities may be able to write their own, increasing the value of the tool to the organization. However, in certain cases, the cost to replace an outdated tool with one that includes automation more than justifies the time and effort required to continue with antiquated tools and processes.
For teams wary of automation, be assured that the widespread use and accuracy of machine learning has made automation a lot more reliable.
Control costs with greater visibility
The financial boon of years prior has left many companies with excess technology. In less lean years, individual business units were empowered to purchase business-enabling tools and technologies. The result was decentralized procurement, causing blind spots in deployment and usage.
To keep an eye on costs as well as security vulnerabilities, security and IT teams should employ automated asset discovery to assess the technology landscape and attack surface. Doing so can help businesses eliminate or consolidate duplicate capabilities and/or deprecate unused systems and applications that could be racking up unnecessary cost.
What’s more, visibility into IT deployments allows businesses to implement shared services and cut costs. For instance, imagine that five different business units in an organization have purchased collaboration tools for their teams. Three of the tools are the same but were purchased under separate licenses. The other two teams have different tools and full licenses for their entire staff, but only a portion of the staff is regularly using the tool(s). If the teams’ requirements for usage are the same or nearly similar, consolidating on shared services will optimize spend and reduce the attack surface at once.
Automated discovery and continuous usage monitoring will help businesses actively manage vendors and associated costs.
Benefits
The benefits of augmenting processes with automation include:
Increased efficiency
Greater efficacy against vulnerabilities and attack
Lower operational costs
Even when the economy returns to full power, it’s unlikely that cost optimization practices will disappear. IT cost optimization is a valuable business strategy that keeps the organization healthy and focused on better business outcomes. The only way to ensure that IT and security teams can keep up with demand is through increased use of automation. Teams using automation can virtually eliminate obsolete processes that weigh down the organization and cost more than dollars and cents.
In this way, automation can be the hero for the organization in terms of cost, efficacy, and efficiency. And when it comes to cybersecurity specifically, the additional threat and risk reduction capabilities are exponential.