As automation touches more of your organization, security will be far from automatic. Bots’ privileges need close scrutiny, for example
Automation Practices-Automation continues to take on a growing role across business functions. Looking specifically at the cybersecurity sector, identity and access management, patching, and network change management are just a few areas where automation has become a central component.
The goal of these and other automated functions is to free skilled human labor from mundane tasks and to speed up response or task time, which allows for things that were not previously possible before automation. This suggests a symbiotic relationship between man and machine, and it’s true that automation provides security teams with numerous benefits in addition to those listed above. However, the technology requires a few critical considerations in order to avoid introducing security vulnerabilities that can easily snowball into a huge problem for security leaders — and the organization overall.
When implementing automation in your organization — or when reviewing existing deployments — IT leaders should consider these best practices:
Stay actively involved: When people hear “automation,” they tend to think that the process in question happens with little to no human oversight, but that assumption is incorrect. It may sound counterintuitive, but automation should never actually be automatic: To maintain control over processes and ensure security, there must always be a degree of human involvement and oversight.
This could be in the form of logs, alerts, or reports that update security teams on what has occurred automatically and enable them to take manual action as needed. IT leaders also must set limits around what automation can do and implement rules to alert security teams to actions that could introduce a security vulnerability or workflow issue.
Closely review third parties: Granting vendors and other third parties access to internal systems and networks is an expected part of doing business today. When companies implement automation solutions that rely on add-ons or require management by an external vendor, however, there can sometimes be cause for concern. As with anything, collaborating with a third party can introduce new security vulnerabilities and increase the likelihood of a security incident.
This is not to suggest that companies should try to do more in-house — it goes without saying that a “go-it-alone” attitude is also troubling from a security perspective. However, it is important that organizations closely review third parties and wherever possible, replace numerous point solutions with more comprehensive products that offer a more integrated security approach.