Our site uses cookies to make it work and to help us give you the best possible user experience. By using our site, you agree to our use of cookies. To find out more about cookies and how you can disable them, please read our cookies statement. 

Cookie Settings

You can manage your cookie settings by turning cookies on and off.

Click on the different cookie  headings to find out more about the types of cookies we use on this site and to change your settings. Please be aware that if you choose to turn off  cookies, certain areas of our site may not work and your browsing experience may be impacted.

For further information on how we use cookies, please see our cookies statement. 

Strictly Necessary Cookies

(Req)

These cookies are essential for the technical operation of and proper functioning of our site  and enable you to register and login, to easily move around our site, and to access secure areas. Without these cookies our site won't function properly.  

These cookies are required

Performance Cookies

Performance cookies allow us to collect aggregated and anonymous data on how our site is used, such as the number of visitors to our site, how you navigate around and the time spent on our site and also to identify any errors in functionality. These cookies also help us to improve the way our site works by ensuring that you can find what you’re looking for easily, to better understand what you are interested in and to measure the effectiveness of the content of our site. 

Marketing Cookies

These cookies allow us to advertise our products to you and allow us to pass this information on to our trusted third parties so that they can advertise our products to you on our behalf. All information these cookies collect is aggregated and therefore anonymous. No personal information is shared to third parties. Any personal information collected while using our website could be used for direct marketing from Dimension Data only.

Automation and orchestration: transforming how cybersecurity teams work

Blog

It’s an exciting time to be in cybersecurity, as automation and orchestration help to transform how

Cybersecurity teams operate on a day-to-day basis, as well as support innovation within the business.

Digitalisation has allowed organisations to become increasingly agile, flexible, scalable and transform at exponential speeds. Thanks to digital transformation, cybersecurity has also been understood to play a more significant role in an organisation’s success. Given the substantial financial and reputational damages a single breach or cyber-attack could leave behind, its simply not worth the risk to be unsecured. Organisations are now becoming secure by design; that is, security is being discussed at the board, but also built-in to programmes, applications, products and services that our clients take to market, with the creation of SecDevOps. 

While this is good news for the career of the cybersecurity leader and practitioner, the reality is that the demands on cybersecurity teams is growing. An expanding digital footprint, alongside an increasing list of regulatory and data privacy requirements to meet, coupled with the growth in volume and sophistication of attacks, means that it’s harder to keep a business secure. A company’s digital presence has become its largest attack vector. 

Add to that a global cybersecurity skills shortage and the job does not get easier. It’s difficult to find the right talent and expertise that will provide sufficient headcount for the day-to-day, and to plan for tomorrow. As a result, security teams are feeling event fatigue, struggling to find the right balance in terms of achieving visibility and control, as well as to effectively promote an innovative and proactive security approach that supports the business’ ambitions for operational excellence and economies of scale. 

That’s why there’s so much excitement about orchestration and automation in security. While certainly not new terms in the technology industry, they have tremendous potential to take some of the burden away from cybersecurity teams, helping them to focus their energy and efforts into more high-value activities, extending their effectiveness and overall job satisfaction. 

Security automation helps with creating an effective and tightly integrated technology eco-system. It is the computerisation of a task that would otherwise require human intervention or the use of more than one security tool. Examples include automatically provisioning or deprovisioning new users, investigation and evidence collection, as well as event correlation and the respective decision-making processes (the security action to take if A or B occurs, as per past experience). 

Security orchestration, on the other hand, is really about the automation of multiple tasks, processes and workflows across multiple cybersecurity tools and systems. The net result is a previously fragmented set of technologies, controls and products that are now integrated, for the purpose of better cyber intelligence sharing and improved threat detection and response. 

Together, these take routine, time-consuming tasks away from the practitioner to make security and operational teams more productive, cost-effective, consistent and predictable. A team can move from spending hours investigating a false alarm to a real one that needs addressing and/or, they can redirect their efforts and investment towards developing a culture of SecDevOps , training or knowledge transfer within the business to enable and drive innovation. 

I’ve identified the below four domains as the key focus areas in terms of applying cybersecurity automation and orchestration:

  • Threat Monitoring – maintaining visibility across the threat landscape, with the ability to detect, contextualise and prioritise key events in real-time. 
  • Incident Response – the ability to follow up on cyber incidents to be able to contain, investigate and remediate in a short time frame and before damages are incurred.  
  • Security Lifecycle Management – harnessing machines to offload all the mundane, low level daily tasks such as patching, software management, monitoring, reporting and more.  
  • Operational Efficiency – using automation to drive operational efficiency, so that processes become repeatable, measurable and continuous improvement can be demonstrated. 

There may be other areas that benefit you, or based on your operating environment, you might choose to prioritise one over the other. 

If you would like to learn more about orchestration and automation in general, or would like to explore solutions that you can implement in your business, Dimension Data can help. Get in touch with our cybersecurity experts today.

Previous Article: Now’s the time to engage a Managed Security Services provider Next Article: Making AI work for you

You may be interested in

Rocky ocean
Blog

What I learned from hacking the Winter Olympics

I used to think that technology was the answer to all security questions, but my experience post 9/11 taught me that governance should always be the starting point for security discussions.

Read blog
Cityscape
Blog

The two-way conversation you need to have with your CEO on cybersecurity

With cyberattacks featuring regularly in mainstream news, it’s good to see that Boards and CEOs are becoming more cybersecurity conscious.

Read blog
City
Blog

Balancing risk and innovation

There’s no question that digital is the way forward. It offers tremendous benefits to your business: faster speed to market, more business intelligence and improved customer relationships.

Read blog
Cityscape
Blog

Securing the multi-cloud

As economic and operational benefits of the cloud became clearer, business units aggressively drove cloud services adoption across the business.

Read blog