3 cybersecurity automation tools that your IT department needs now
In the current IT hiring crunch, skilled security workers are becoming increasingly overwhelmed with more work than can be handled. More skilled workers should take up the slack to the degree necessary to free up their colleagues' workloads.
This is according to a study by Mark Leary, an analyst at IDC. The study found that understaffed IT teams struggle to manage network operations and deliver high-quality digital experiences.
- 58 percent of organizations believe their most well-trained staff spend too much time on tactical responsibilities
- 63 percent want their organizations to find ways to enable lower-skilled IT staff to find and fix issues
ChatGPT training built for everyone
Standing in the way of optimal IT efficiency, however, are chronic shortages of well-trained technical staff and a general need for more tools to ease the workload.
The tools most in demand by those in the trenches concern cybersecurity automation and the centralization of data from multiple sources.
Here are a few ways technology can relieve IT overwork, particularly in the security arena.
1. Unified IT observation tools
54 percent of organizations surveyed by IDC admitted using six or more IT monitoring and measurement tools. Many of these tools have a narrow focus, hampering productivity and collaboration, restricting IT’s ability to meet business requirements and making everyone’s jobs more difficult.
And as a result, they fail to provide a unified view of their organization’s operating conditions or security posture.
Personnel is instead forced to skip from console to console and manually combine data from multiple sources to gain an accurate understanding of a company's security condition.
Tools such as Alluvio Unified Observability, Splunk Observability Cloud and LogicMonitor LM Envision are designed to reduce reliance on such discrete data silos to give a more comprehensive view across the enterprise.
These tools facilitate IT automation that brings less-experienced personnel up to speed and reduces the workload on veteran security and technical personnel.
2. Meet new regulatory compliance standards
Compliance has become a major issue since the EU (as well as states such as California) passed stringent data protection and privacy regulations like the General Data Protection Regulation (GDPR).
For example, a recent decision by the Austrian data protection authority DSB found that U.S. cloud-based analytics services such as Google Analytics violated EU regulations regarding international data transfers.
“U.S. big tech is struggling with GDPR compliance,” said Maciej Zawadziński, CEO of Polish data tech company Piwik PRO. “Data Privacy Agreements (DPAs) in France, Spain and Ireland have imposed gigantic fines on many U.S. tech organizations.”
Anyone collecting the personal details of EU residents must ensure that they keep the data in Europe, where strong privacy regulations apply. Piwik PRO, as an example, offers an Analytics Suite that uses analytics and automation to enable enterprises to obtain all the data they need and comply with applicable laws while minimally relying on IT personnel.
ChatGPT training built for everyone
3. Better manage insider risk
Insider risk is another area benefiting from cybersecurity automation — and it's about time. According to the Annual Data Exposure Report:
- 96% of companies experience challenges in protecting corporate data from insider threats
- 73% report insider risk as a big problem
- A 37% chance exists that a company will lose intellectual property when an employee quits
These numbers highlight that very little within current cybersecurity budgets addresses these types of threats.
“With employee turnover and the shift to remote and collaborative work, security teams are struggling to protect IP, source code and customer information,” said Joe Payne, Code42 President and CEO.
“Companies must fundamentally shift to a modern data protection approach — insider risk management (IRM) — that aligns with today’s cloud-based, hybrid-remote work environment and can protect the data that fuels their innovation, market differentiation and growth.”
Tools are emerging to automate the tracking and movement of data. Most notable among their features is the ability to assess the risk of exfiltration from departing employees. Code42 Incydr is just one example. It detects data losses, leaks and thefts and speeds up incident response, resulting in increased efficiency of IT departments.
It's past time to embrace cybersecurity automation
While these are some examples of specific areas badly in need of automation, the cybersecurity industry is embracing automation across industries.
“With the volume of threats rising so sharply, IT departments need consolidated tools that provide a high level of automation,” said Ashley Leonard, CEO of Syxsense. His company offers a platform that unifies automated patch management, vulnerability management, IT management and mobile device management (MDM).
Further examples of this trend include:
- Cynomi with an automated application that assesses risk, recommends cybersecurity strategy and ensures compliance with various rules, regulations, policies and standards
- Falconstor has added a large amount of automation to processes centered around data protection, disaster recovery and backup operations for the hybrid cloud
- Cynet has automated threat investigation and remediation actions as part of its extended detection and response (XDR) package
ChatGPT training built for everyone
There are many more examples. The point is that in this age of IT and security staffing shortages, automation plays an increasingly vital role in staying afloat.
“With skilled cybersecurity personnel being in such short supply and the threat landscape being so volatile, smart organizations are using automation to handle routine threats, enabling skilled staff to focus on exceptions and new attacks,” said Greg Schulz, an analyst with StorageIO Group. “It is becoming a case of automate or die.”
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
In this Series
- 3 cybersecurity automation tools that your IT department needs now
- Digital identity management: Balancing usability, security and privacy
- Why aren’t more women in cybersecurity, and how can we fix it?
- ChatGPT and the strengths and limitations of cognitive AI
- Cybersecurity automation: Tips to do it right in your organization
- Advancements in online safety: Combating cyberbullying and protecting vulnerable communities
- How small and medium businesses (SMBs) can fast-track a disaster recovery plan
- What it takes to qualify for the US Cyber Games team
- The changing role of a ransomware negotiator
- Protecting K-12 schools from cyber threats: The case of Vice Society
- A deep dive into GitHub's security strategies
- Data storage security isn't working: Here are 5 ways to improve
- Protect your data with zero-trust networks
- One phishing attack could expose your entire hospitality network
- Privacy compliance and security: Are you collecting too much data?
- API security best practices: What you need to know
- Considerations when using open source to build an identity system
- Security as a service: 11 categories you should know
- The impact of open source on cybersecurity
- Cybersecurity jobs are in demand. C-level IT executives needed!
- 6 cybersecurity truisms the industry needs to rethink
- 2022 cybersecurity spending trends: Where are organizations investing?
- Will corporate support for Fast ID Online [FIDO] mean mass adoption? If so, what does that mean for security and identity?
- Twitter’s cybersecurity whistleblower: What it means for the community
- Top 5 cybersecurity questions for small businesses answered
- What Is zero-trust security, and should your business adopt it?
- What’s next in cybersecurity: Predictions from Andrew Howard
- How training employees about ransomware can mitigate cyber risk
- Today’s IT job market: Beyond fear, uncertainty and doubt
- Third-party authentication (OAuth): Good or bad for security?
- Two basic actions that reduce enterprise cyber risk by 60%
- 4 key takeaways from the 2022 Verizon DBIR report
- Four examples of human error in cybersecurity — and how to fix them
- Five ethical decisions cybersecurity pros face: What would you do?
- How to become an ethical hacker: Tips from Offensive Security CEO Ning Wang
- Shaking up security awareness: How one organization is building a culture of security
- Security Culture: TikTok CISO says this trend is here to stay
- IT skills advice from IDC's IT education and certifications expert
- Managing a security awareness program: Carrots, sticks, and repeat offenders
- Reducing IT’s carbon footprint: Good for business as well as the environment
- How Booz Allen Hamilton keeps their security team secure and compliant in a hybrid world
- 5 tactics to improve cybersecurity hiring results
- Top 9 effective vulnerability management tips and tricks
- SOC integration: Creating a well-built portfolio vs. a frankenstack
- Cybersecurity hiring: Why employer and higher ed collaboration is key
- After certification: Investing in employees' cybersecurity career pathways
- Where do ransomware, cyber education and cyber insurance intersect?
- Could psychology be the key to cybersecurity awareness? Research points to yes
- How IT pros can keep their organization on the cutting edge
- Cyber talent diversity: It's time to redefine the face of security
- Cybersecurity and Windows 11: What you need to know
- Reduce security events
- Reinforce cyber secure behaviors
- Strengthen cybersecurity culture at your organization
Industry insights
Digital identity management: Balancing usability, security and privacy
Industry insights
Why aren’t more women in cybersecurity, and how can we fix it?
Industry insights
Industry insights
Cybersecurity automation: Tips to do it right in your organization