Getting Started With Security Automation

Stressed and stretched, IT security teams look too automation for relief from high volumes of alerts from their detection and response systems. Here’s how three organizations started on the path to automated incident response.

Network engineer Jose Arellano concedes that “the hardest part of my day” is keeping the network safe for 12,700 students, 1,900 staff and more than 10,000 connected devices at West Aurora School District 129 in Illinois. The two-person security team once focused primarily on getting the network running as securely and efficiently as possible for teachers and students. “We always focused on what was inside,” with the school’s limited resources and budget, Arellano says.

When a DDoS attack took down the district’s network for more than six weeks, however, they struggled to identify the problem. Now he’s had to shift his focus from prevention-only approaches to detection and response. “It is an incredibly difficult job,” he says.

Arellano’s frustration is shared by a growing number of security professionals, and that’s partly due to the number of reported vulnerabilities each year. Threat intelligence firm Risk Based Security logged nearly 5,000 new vulnerability disclosures in the first quarter of 2020 alone. It’s hard for stretched security teams to evaluate the risk those vulnerabilities pose.

Continue Reading… on CSO Online

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.

Sign Up for Our Morning Boot Cybersecurity Newsletter

Sponsored Ad

Cybervizer Recommended Book