Page 202 - Cyber Defense eMagazine Special RSA Conference Annual Edition for 2022
P. 202

There’s where automated remediation steps in.

            As its name suggests, automatic remediation manages fixes and upgrades without human intervention.
            Organizations can establish the automated remediation rules their system follows, instructing the tool to
            disable  or  uninstall  low  security  scored  apps  when  users  ignore  a  warning  email  or  remove  risky
            connection between applications (app2app), for example.

            Remediation is always on, applying to new apps and new users, even with the decentralized nature of
            SaaS projects. You don’t have to worry about adding these new apps and users to the remediation
            process thanks to automated remediation.



            The Need for Automatic Remediation


            For security teams, automatic remediation provides a valuable service. Starting with increased visibility
            and analysis, a trusted automated remediation solution can address newly identified issues with minimal
            human interaction. Not only does it improve accuracy – human error is always a present cybersecurity
            concern – but it can free cyber teams to focus on more important tasks.

            Automatic remediation aims to provide an additional layer of security. While technology teams should not
            see it as an exemption to perform updates and not follow security best practices, the automation process
            can reduce some of the overall risks.

            Security teams already find themselves pulled thin, juggling long-term planning and investments with
            day-to-day  needs.  Automatic  remediation  can  remove  some  of  that  daily  burden.  This  is  critical  as
            organizations continue to see the use of SaaS applications grow.

            As companies continue to scale, automatic remediation is not just needed but essential. There are simply
            too many applications and security events for manual remediation to be effective, something made even
            more difficult with the lack of security professionals in the job market.



            A Growing Attack Surface

            The use of authorized SaaS applications and unauthorized shadow IT create more avenues for hackers
            to gain entry into your larger enterprise. With these doorways, hackers can navigate your network to find
            valuable information, such as your company’s financial records, intellectual property, or the personally
            identifiable information (PII) of customers and employees.

            As this study shows, PII has grown 20-fold in companies that use SaaS applications. Managing this
            growing attack surface, which has expanded with increased remote work efforts as employees work on
            different networks, presents an enormous challenge. Even the best trained and dedicated security teams
            will struggle to keep pace.











                                                                                                            202
   197   198   199   200   201   202   203   204   205   206   207