A Framework for Advancing Your IT Security Automation

Why aren’t more organizations automating security processes? This is the question we pondered in our last post. We examined data from a recent report on firewall management, which indicated that few organizations are using automation despite growing numbers of firewalls, the critical importance of firewalls, and the business issues and risk caused by error-prone manual processes. Although firewalls are just one element of the security architecture, the lack of automation in firewall management illustrates the challenges organizations face with security automation.

There are a number of factors that inhibit the adoption of automated security tools. One is the prevalence of ad hoc processes for managing the security environment, which are difficult to automate. Organizations need to develop policies, procedures and workflows that are agile enough to keep pace with change business and IT requirements and won’t negatively impact business processes and customer service. Organizations also need help selecting and configuring automation tools and acquiring and managing the data need to drive them.

Forrester has created a framework for IT infrastructure and operations professionals to use in developing an automation strategy. The research firm has identified six competencies that must be mastered in order to fully leverage automation, and key activities within each:

• Strategy. This competency could also be labeled “assessment.” In this initial step, organizations should determine what’s already been automated so they can eliminate disconnected “islands” and duplication of effort. It’s also important to identify automation tools that aren’t delivering the expected benefit and earmark them for reevaluation.
• Process. The label for this competency should be more descriptive. Automation has nine critical dimensions that fall into three categories: Process (data acquisition, comprehension and determinism); Enterprise (robotics quotient, operating effect and governance / auditability); and People (human-machine interaction, human effect and future-of-work effect). Organizations need to have at least a basic understanding of these dimensions.
• Prioritization. This is the key to success in any long-term, transformative effort. Organizations should prioritize automation projects that will bring the greatest value to the business, either through efficiency or competitive advantage. That requires an analysis of how automation will affect operational processes and align with business objectives.
• People. IT security and operational teams are going to have to acquire new skill sets in order to implement and manage automation. These skills will range from workflow development to data science to artificial intelligence. If staff resources are limited, partnering with a qualified systems integrator such as Technologent can help kickstart projects.
• Structure. A formal organizational structure will help drive automation projects toward identified goals.
• Operations. This is a critical component. Automation will not be successful if it’s bolted onto inefficient operational processes. Operations must be improved upon and realigned to embrace automation.

Forrester notes that it periodically reviews and revises these guidelines, and urges organizations to adapt the framework to meet their needs and operating model. The objective here is not to provide a rigid structure but to offer key considerations when developing an automation strategy.

One size does not fit all, particularly when it comes to automating IT security. And odds are you’ve already automated more of your environment than you realize. Let’s sit down together to discuss how you can build upon successes, learn from failures, and maximize the benefits of IT security automation.