In previous blogs, we discussed the importance of a strong data-protection program across known and understood data, but once the program has been completed, what’s next? Too often, the answer is ‘nothing’ or ‘very little’ with the resource- strapped security team typically needed for moving onto the next project, leaving little time for ongoing review and improvements that will be required to keep data-protection measures up to date.
Having a strong and known security posture is important, but it’s equally important to maintain and update that posture. The battle against malware is ongoing and bad actors don’t stay still; they’re constantly looking for new weak spots and opportunities to break through defenses and gain access to valuable data.
The answer to this problem? Security automation.
Automation is the best way to give time back to security teams so they can work on improving business security, rather than just maintaining it. Organizations should leverage data across solutions to provide information that can be used by artificial intelligence and machine learning to create and maintain security policies. That’s not to say that automation should, or even could, be used for everything; any automation project should look at what data is available, what repetitive, regular tasks are undertaken and which of those tasks could – if automated – give the most time back to an engineer.