Security Automation: Why Automation is a Security Professional’s Best Friend

Tim Woods

“Do more with less.”

Most IT professionals probably can’t recall a time when this edict wasn’t in full force. FireMon’s 2019 State of Hybrid Cloud Security survey found security professionals still live this daily as they attempt to effectively safeguard data and applications in their hybrid clouds.

And it’s only getting worse with the trend toward multi-cloud environments made up of various Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), and Infrastructure-as-a-Service (IaaS) instances to meet the needs of various lines of businesses. As security professionals try to keep pace with multi-cloud platform adoption, they’re hard-pressed to find time to proactively apply the ideal security policies.

Not enough visibility, not enough eyeballs

Our latest survey found that 60 percent of respondents concluded their organization’s deployment of business services in the cloud outpaces their ability to adequately secure them in a timely manner. And despite the growth of cloud service adoption, nearly 58 percent say they spend less than a quarter of their security budget on the cloud.

Lack of resources, visibility and budget poses a significant risk for enterprises

This limited spending impacts the technology available to security professionals. Only 28 percent of respondents use tools that work across multiple environments to manage network security across their hybrid environment, while almost 36 percent of respondents either use native tools for each environment or manual processes. It affects the C-suite too, as they said the biggest challenge in managing network security tools across hybrid cloud environments was that they had “no centralized or global view of information from the tools.” This suggests resources are strained across the board no matter the size of the company.

It’s both a technology and a people problem: overall, a “lack of integration across tools” and “lack of qualified personnel or insufficient training on the tools” were the top two challenges in managing network security tools across hybrid cloud environments.

The survey also found 52 percent of respondents have a security team of 10 people or fewer, with 54 percent of respondents managing both on-premises network security and cloud security. DevOps teams have the potential to help improve an organization’s security posture by baking security in when developing apps, and almost 44 percent of respondents say the acceleration of DevOps has positively impacted security operations. Yet 30 percent said their relationship with the DevOps/Application team is either complicated, contentious, not worth mentioning, or non-existent.

There are signs some organizations are prioritizing security operations, but clearly many enterprises have a lot to do to get everyone on the same page. That includes having the right people and the right tools.

Work smarter by automating where possible

So, what does a security team with limited staff and resources do when faced with the reality of scaling complexity and multi-cloud environments?

You could spend a lot of time manually cleaning up your security policies, such as unused and redundant firewall rules that have built up over time. But as the survey says, there’s a shortage of people. What you must do is make your people more efficient. Better still, what if some tasks just took care of themselves?

That’s where automation comes into play. A common refrain we hear from security directors and CISOs is they have great people saddled with mundane tasks such as ticket punching or repetitive firewall change requests when a line of business asks them to enable access to an application. These tasks greedily eat up business cycles, so if you’re not adding people to the team, you must take some of these repeating tasks off their plate. It’s the only way to scale security while tackling growing complexity.

Better processes help people work smarter too. If you give them the visibility and information they need, spinning up another service workload or adding a user at the request of the business doesn’t turn into a long, arduous journey. Think about it—no need to make a firewall change request manually when the marketing department hires an intern because the business manager can self-service the task without violating security policy.

By establishing sound policies and automating, you’ll gain efficiencies, but be sure you automate where it makes sense. Evaluate your current process, interview the people involved and understand the business demands that impact security policy enforcement and management. You don’t want to spend an enormous amount of time trying to automate something if it doesn’t save you time every day that you can apply elsewhere.

Successful automation will empower your team and enable them to gain greater efficiencies in their daily tasks within your existing resource constraints. Better still, it frees them from mundane tasks so they can focus on the higher-skill tasks they were brought on board to do.