How Security Teams Are Automating, According to a New SANS Survey
Automation did not enter popular lexicon until the 1940s, when Henry Ford introduced an official “automation department” at his Michigan car plant. But the concept dates back many years before that, most notably to the industrial revolution, where automation acting as a driver for improved productivity and time management planted its roots.
Not surprisingly, automation has tagged right along as industries have ascended over time, including information technology – and eventually cybersecurity. As long as there is a desire to perform routine and redundant tasks faster, automation will thrive.
The question, then, is not if businesses – and security departments – are relying on automation (of course they are) but how their use of automation is changing. And that’s where things get most interesting and telling of where their greatest efficiency and output gaps may currently lie.
The 2020 SANS Automation and Integration Survey seeks to quantify the progress that is being made because of automation and how it is helping organizations to maximize their security investments.
Among the key findings from this year’s report, automation is increasingly being used to support and amplify security operations. And for good reason: SecOps teams are notoriously overwhelmed and hampered by alert overload, security stack sprawl, and inconsistent, undocument and manual processes.
According to the report, “Nearly 74% of respondents are applying automation at medium or high levels for security operations and event or alert processing, indicating that they are