CIO OPINION
While automation is useful in some limited contexts , security teams cannot abrogate their risk management responsibilities by delegating decision-making to a machine .
Vaughan Shanks , Cydarm CEO
Automation isn ’ t the answer to the cybersecurity skills shortage
Vaughan Shanks , Cydarm CEO , says the resourcing challenges of security operations teams are nuanced and unlikely to be substantially solved using automation alone .
We know there ’ s a security skills shortage . We ’ re constantly reminded of it – the gap between supply and demand isn ’ t closing and a high number of data breaches and ransomware incidents are occurring as a result .
Automation is commonly marketed as a panacea for the skills shortage to lift the technical burden placed on cybersecurity operations analysts and free up their time to focus on higher-order tasks or remove the need for analysts altogether .
The whole reason security operations teams exist is because the existing controls on our perimeters , endpoints and servers have been unable to block intrusions .
While automation is useful in some limited contexts , security teams cannot abrogate their risk management responsibilities by delegating decision-making to a machine . Nor can automation provide an account of what is happening to a senior decision-maker , supply chain partner or regulator .
That looks immensely attractive to organizations looking for quick ways to do the proverbial ‘ more with the same ( or less )’.
In addition , the skills required to configure and maintain automation often requires hiring security engineers , and these are harder to come by than SOC analysts .
But anyone who ’ s spent any time in cybersecurity knows automation is a more complex challenge than it seems and can have unintended consequences .
A capability maturity model ( CMM ) for security operations can assist in determining what is best handled by humans or computers .
44 INTELLIGENTCIO APAC www . intelligentcio . com