Page 95 - Cyber Defense eMagazine September 2023
P. 95

Best practices for using automation to help go beyond visibility

            Gathering threat intelligence isn’t enough; it’s how the intelligence is correlated that truly makes the
            difference. Automation and machine learning can assist with ingestion, correlation and resulting output
            that provides visibility into threats that may have been previously unknown. This analysis must be able
            to scale to the volume of threats that exist today, which cannot be done manually. With correlation to
            other data sets, and with detection technologies, a threat can be discovered.

            Security orchestration, automation, and response (SOAR) technologies can help prescribe a course of
            action when an anomaly is discovered. Previously burdened with time-consuming and repetitive duties,
            SOC teams are freed to resolve problems more quickly. This lowers expenses, increases productivity
            and fills in coverage gaps.

            It's also important to streamline processes so the information that comes from greater visibility is used
            rather than bogged down in slow processes. Using AI, ML and automation will simplify ingestion, analysis
            and recommended remediation steps, which will reduce the process slow-down.



            Information plus automation

            Once you can see all that you need to see across your IT environment, you quickly realize that a humans-
            only approach to cybersecurity is no longer viable. Taking visibility to the next level isn’t going to be done
            with  humans  alone;  it’s  simply  too  big  a  task.  Automation  and  machine  learning  are  ideal  for  this
            scenario. Use the best practices noted above to maximize the value of the information visibility provides
            and optimize your cybersecurity stance.



            About the Author

            Christina  Richmond  is  the  Chief  Strategy  and  Growth  Officer for  Inspira
            Enterprise,  a  global  cybersecurity  risk  management  and  digital
            transformation service provider across the Americas, Asia Pacific, Middle
            East, India and Africa regions. She is a long-time cybersecurity advisor and
            recognized luminary in the industry. For nearly a decade, Christina was a
            well-known industry analyst and led the global security services research
            practice at IDC.
















            Cyber Defense eMagazine – September 2023 Edition                                                                                                                                                                                                          95
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
   90   91   92   93   94   95   96   97   98   99   100