Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Look again at security automation

Issue 5 2022 Editor's Choice

By Hila Meller, global head of sales, BT Security.

BT began the automation journey for its security operations centres (SOCs) in 2018, with the goal to unify customer experience across them. The main learning point was “you should never try to automate a complex process that’s not fully documented and well understood.” From this starting point, there are five key considerations to apply to your security automation journey.

#1 Skills shortages should drive focus

The (ISC)2 Cybersecurity Workforce Study reported a worldwide cybersecurity skills shortage of 2.72 million people. In the face of these supply constraints, the cost of cybersecurity talent is extremely high, leading to regular churn as skilled employees leave to pursue other career opportunities. It also makes it very difficult for smaller organisations and less well-funded industries to compete for cyber talent, leading to huge security risks.


Hila Meller.

In an environment where resourcing is limited, it’s critical to consider how automation can handle the routine, the repetitive, and those tasks that are important but not urgent. It would be naïve to assume that whole tasks can be fully automated, but automating the repetitive parts frees your analysts to apply their skills in more complex ways that widen the breadth of their experience, leading to increased job satisfaction and better retention.

#2 Look at automation holistically

When looking at automation options for your organisation, you need to assess the overall value of automating each process. The goal is to use automation where it provides the most effective value, without watering down capabilities, introducing additional risk or removing necessary human oversight. Before implementing automation in your tools, be sure you’re clear on the benefits and why you’re automating. Consider all aspects of your processes, the types of threats you see, talent availability, and the costs vs. benefits of automating certain decisions.

#3 Think about the operational implications of automation

Clear communication between groups within the organisation is critical to any platform where automated change can happen. Operational teams, in particular, need to have understanding, sight, and sign-off of such systems to understand the implications. In most organisations, a human ‘in the loop’ during an initial phase, aware of how such systems operate and able to investigate any change and revert it back in moments is a wise precaution. After a period of optimisation, tuning and tweaking, confidence will grow to the point that the humans can be ‘out of the loop’ and the organisation can rely on the automation.

#4 Choose your scope and domain wisely

Deciding what areas to automate is a minefield for many organisations. For most clients starting out on the journey, we would recommend focusing initially on basic individual controls and policy enforcement capability. This area tends to be simpler, with less chance of clashes between technology areas and vendors.

Risks also vary by organisation. We’ve long advocated for building a strong understanding of the threats each organisation faces and determining responses based on the tools, techniques and procedures known to be used against them. This threat intelligence data can be one of the main drivers allowing these responses to be automated – as long as the accuracy of the data is high.

#5 Data clarity drives improvement

Having a clear view of what data is needed and the insight that it can give you is key to successfully implementing automation programmes. Be selective about security data, particularly when linked to security decision making. Security controls are generating more data points than ever before, but before we can use it, we must ingest, process and store all that information.

Collection plans and data prioritisation should be central to your data strategy. This ensures that you can consolidate and refine data to reduce volume (and therefore cost) without losing the integrity or value of the data or of the decisions that we can make. Inevitably, the data will come in many different forms and from a myriad locations and sources. Having a well thought-through data capture strategy will help deliver the most benefit down the line. With so much data on hand, being clear on validity and prioritisation is fundamental to making sure that automated decision making is accurate and predictable.

As the world becomes ever more interlinked and connected devices number in the billions, the cyber landscape will continue to increase in reach and complexity. To combat this, automation will move from a ‘nice to have’ into an essential tool that organisations can’t cope without. As a result, the importance of contextual, timely and accurate threat intelligence as an input to decision making cannot be overstated.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

What is your ‘real’ security posture?
BlueVision Editor's Choice Information Security Infrastructure AI & Data Analytics
Many businesses operate under the illusion that their security controls, policies, and incident response plans will hold firm when tested by cybercriminals, but does this mean you are really safe?

Read more...
What is your ‘real’ security posture? (Part 2)
BlueVision Editor's Choice Information Security Infrastructure
In the second part of this series of articles from BlueVision, we explore the human element: social engineering and insider threats and how red teaming can expose and remedy them.

Read more...
IQ and AI
Leaderware Editor's Choice Surveillance AI & Data Analytics
Following his presentation at the Estate Security Conference in October, Craig Donald delves into the challenge of balancing human operator ‘IQ’ and AI system detection within CCTV control rooms.

Read more...
Onsite AI avoids cloud challenges
SMART Security Solutions Technews Publishing Editor's Choice Infrastructure AI & Data Analytics
Most AI programs today depend on constant cloud connections, which can be a liability for companies operating in secure or high-risk environments. That reliance exposes sensitive data to external networks, but also creates a single point of failure if connectivity drops.

Read more...
Toxic combinations
Editor's Choice
According to Panaseer’s latest research, 70% of major breaches are caused by toxic combinations: overlapping risks that compound and amplify each other, forming a critical vulnerability to be exploited.

Read more...
Continuum launches centralised access and identity management
Editor's Choice Access Control & Identity Management Integrated Solutions Facilities & Building Management
Continuum Identity is a newly launched company in the identity management and access control sector, targeting the complexity of managing various Access and Identity Management (AIM) systems.

Read more...
Making drone security more accessible
Editor's Choice Integrated Solutions Residential Estate (Industry) AI & Data Analytics IoT & Automation
Michael Lever discusses advances in drone technology, focusing on cost reductions and the implementation of automated services, including beyond line of sight capabilities, for residential estates with SMART Security Solutions.

Read more...
Private fire services becoming the norm?
Technews Publishing SMART Security Solutions Editor's Choice
As the infrastructure and service delivery in many of South Africa’s major cities decline, with a few, limited exceptions, more of the work that should be done by the state has fallen to private companies.

Read more...
View from the trenches
Technews Publishing SMART Security Solutions Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
There are many great options available to estates for effectively managing their security and operations, but those in the trenches are often limited by body corporate/HOA budget restrictions and misunderstandings.

Read more...
SMART Estate Security Conference KZN 2025
Arteco Global Africa OneSpace Technologies SMART Security Solutions Technews Publishing Editor's Choice Integrated Solutions Security Services & Risk Management Residential Estate (Industry)
May 2025 saw the SMART Security Solutions team heading off to Durban for our annual Estate Security Conference, once again hosted at the Mount Edgecombe Country Club.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.