Humans can no longer cope with the extent of data involved in monitoring cyber-security on information networks, and the use of automation, machine learning and Security Automation to manage big data has become critical.
How do you take advantage of automation while maintaining control, to balance today’s challenge of delivering increased business agility with a consistent security posture?
A collection of distinguished guests discussed this question and more at a breakfast meeting, sponsored by FireMon at Wild Honey in St James, London; the session was moderated by SC's editor-in-chief Tony Morbin.
Morbin opened the discussion by asking the table what kind of challenges they were facing when it comes to embracing digital transformation.
Bruce Beadle, Information Security Officer, Atcore, explained that legacy was his major challenge. "The travel industry is notoriously slow to adopt new technologies. That journey away from legacy to the newer technologies is something we’ve been up against for 20 years. We do have compliance requirements, we are PCI DSS Level 1 compliant and have been for ten years. Going forward, following those kind of requirements is probably key for us because it does give us visibility of where our challenges are. And following those compliance requirements on segmentation, auditing, secure access to systems… all those things help across the whole estate. Having said that it is still a challenge for our customers and third parties also – there’s a lot more to do."
Morbin then asked the table what main challenges their clients were facing.
Richard Starnes, Chief Security Strategist NEU, Capgemini said: "We have one client where it’s a five nines environment and the patching and updates gets done every three to six months. So speed and accuracy is the primary challenge. Especially when you have a large legacy environment and you’re adding new tools all the time. So we’re always looking for any kind of automation that can improve the speed and accuracy of the process."
Thomas Naylor, Interim CIO, Enablement.tech, added: "One of the biggest challenges SMEs have is the level of compliance that is required for them to do business for their clients. Sometimes these companies don’t have DevOps, they just operate using standard software but they need to evidence every single element of their organisation as being compliant. And they have to work through that and it is not something that Security Automation can be used for."
Can automation help your organisation?
So, how do companies such as FireMon handle the fact that every organisation will be at a different part of the digital transformation journey – and convince those companies that may be sceptical about the benefits of Security Automation?
"It rather depends where you’re starting from and the industry," said Andrew Lintell, Vice President & Managing Director EMEA, FireMon. "If we’re looking at a financial services organisation they generally do have more budget at their disposal. They’re in a higher-margin business compared to someone who manufactures goods for example.
"I do find that there is intrinsically within organisations a different opinion of what is possible. Some companies are more open to automation because they are already using it within their business. But for those that are more people-powered, that is where we spend more time trying to understand what they are looking to achieve. And everyone is in shades of grey and automation is not a light switch – there are certain areas that naturally lend themselves to automation and others that don’t.
"For me, it’s about the operation of repetitive tasks. If you can spend less time having to touch every single change on a Firewall or security policy you can spend more time actually worrying about what that policy looks like."
To cloud, or not to cloud?
The table then discussed the challenges and opportunities of moving business operations to the cloud.
"I believe it’s a security opportunity," said Foote, "because you have complete visibility. You can have access to the information for everything that is running."
And from the government's perspective, Julian Fletcher, Consulting Technical Architect, Government Digital Service, said: "It saves people the hassle of having to patch their own local hardware every day – so there’s a cost benefit. It enables your workers to focus on what they’re good at. Many government departments have already migrated to the cloud. It’s the rule rather than the exception."
Alexandra Anisie, Privacy & Cyber Security Director, KPMG UK, added: "Once you’re in the cloud you have a lot more visibility and the ability to orchestrate responses. It should help take away parts of the human error that is the cause of so many security breaches. But there will always be humans in the loop and we need to make sure they are trained properly to handle change management. The main issues I find with companies moving to the cloud is that people assume you can just take the same old dusty policy and use it for the cloud. And that just doesn’t work."
"Yes, the biggest problem is the lift and shift approach," said Starnes. "That happens when the good idea fairy goes into the CSO’s office and says, ‘We should go to cloud.’ And the CSO agrees. That’s often the whole strategy. If you do a lift and shift approach all you’re doing is transferring the same set of problems to a new technology. You’ve got to have a plan and target for what you want to achieve and then you have to rebuild that environment – or at the very least weed out all of the issues from the old environment before you shift it."
Get the foundations right first
Morbin wrapped up by asking the table for some final thoughts and their key takeaways.
Lintell said: "The need to have a security policy layer is increasing its presence. Automation is helping to deliver the implementation of that policy in order to try and save a lot of time and inefficiency in other areas. It’s not just a security team's decision anymore and in many ways it’s a good thing that security is starting to expand its influence – and for security to become an enabler to agile business practices."
Jeremy Foote, Director of Security Engineering, Dentsu Aegis Network, said: "Be focussed on what you’re trying to achieve. And as people become increasingly dependent on a small group of engineers make sure you look after them."
Beadle added: "We’re all on a journey and at different stages. There’s a long way to go but automation is going to help enable it."
"The key is getting your foundations right," said Anisie, "and figuring out what those foundations mean in the new landscape."