By Kumar Saurabh, Contributor, CSO | Aug 22, 2017 7:01 AM PT
Opinions expressed by ICN authors are their own.
When I speak with CISOs about automation in cybersecurity, it can conjure up parallels to self-driving cars. After all, if machine learning can create cars that drive themselves, why can't we have self-driving security?
It's a bit early and optimistic, however, to say machine learning and automation will immediately solve all cybersecurity challenges, if ever. Given the threat landscape's inevitable evolution, it will most likely remain an arms race between the defenders and the attackers for the near and long term.
Alternatively, the promise of a machine doing what we thought only humans could do is quickly approaching reality. There's a lot of early results, hype and even more potential. In fact, this is also true for self-driving cars. The Washington Post highlighted the different levels of development with regard to autonomy in self-driving cars established by the Society of Automotive Engineers (SAE).
Specifically, the levels describe the evolutionary path to the much-hyped fully autonomous car, with each stage providing exponential value.
Similarly in cybersecurity, increasing levels of intelligent automation will also provide exponential benefits. If we compare the levels in the auto industry and apply them to the world of cybersecurity, level zero has very little automation while level five is most autonomous.
On one hand, you have solutions such as User Behavior Analytics and Network Traffic Analysis that profess to automatically analyze normal behavior and alert on anything abnormal. The drawback is the inability to understand the full context of an environment or situation, which results in a tendency to generate too many false positives and requires significant analyst involvement to triage.
On the other hand, you have early orchestration solutions that can partially automate some of the easier and repeatable actions during an incident response process. While this solution is adequate to collect relevant information for an investigation process, the actual decision making is delegated to the analyst.
In essence, Level 2 automates actions and repeatable tasks, but not the decision making and judgments that require intelligence.
The first is full, end-to-end alert triage automation. This is where the system has the intelligence, based on context and awareness of an alert's severity, to make decisions and accept feedback from human analysts. Though more advanced systems are able to provide a full explanation of their scoring, analysts still need to review the system's results. However, 95 percent of the overhead work they used to have to do is effectively eliminated.
Second is automated threat hunting that is possible after expert analysts map out the logic they would use in an investigation. The system applies cognitive automation to intelligently hunt for threats 24/7, but at a scale with which human analysts can't keep up. This approach can be made more manageable with prescriptive logic flows for specific use cases, such as Threat Hunter for CloudTrail or Threat Hunter for Office 365.
Such a solution does not exist today, but is often what CISOs hope for when they hear "security automation." Achieving this nirvana will require significant advancements in machine learning and computing power.
Security operations technologies have greatly evolved in the past decade. The first big wave was driven by log aggregation and analytics, followed by predictive technologies. The next generation of solutions will be Prescriptive Security Intelligence, offering specific solutions to typical security use cases. The industry will take time to enter a fully autonomous state. If security automation is your end goal, start by looking for Level 3 security solutions that can drive 80 percent of the way to your destination.
This article is published as part of the IDG Contributor Network.
Kumar Saurabh is the CEO and co-founder of security intelligence automation platform LogicHub. Kumar has 15 years of experience in the enterprise security and log management space leading product development efforts at ArcSight and SumoLogic, which he left to co-found LogicHub.
The rest is here:
The self-driving car of security automation - CSO Online