Ponemon Institute says automation helps battle cyberattacks
ENABLED by technologies such as software bots and artificial intelligence (AI), automation is quite an interesting capability that is helping businesses around the world.
In most cases, automation takes on the routine tasks that professional carry out on a regular basis, creating more bandwidth for them to focus on things that require their experience, skills, and creativity.
According to a new study by the Ponemon Institute, automation is one of the biggest and most significant capabilities for cybersecurity professionals that can help them boost their ability to improve detection and contain cyberattacks by almost 25 percent.
That’s a significant improvement in today’s world where cyberattacks are a dime a dozen.
This year alone, Australian businesses, for example, have been the victim of a dozen serious cyberattacks that have impacted profits, citizens, and even regulators.
Banks in the country, such as ANZ and CBA recently informed customers that an Australian stock exchange property valuation firm they were working with suffered a data breach.
As a result, some 137,500 unique valuation records and 1,680 supporting documents were made public — including 250,000 individual records. More recently, local media said that LandMark White’s CEO Chris Coonan has stepped down with immediate effect as a direct consequence of the data breach.
Last year, similar cyberattacks were suffered by giants such as Under Armour’s MyFitnessPal in the US and Singapore’s SingHealth closer to home in the APAC, along with many other more popular incidents.
Although the Ponemon Institute found that automation helped many organizations, it found that a vast majority of organizations surveyed are still unprepared to properly respond to cybersecurity incidents.
Seventy-seven percent of respondents indicated that they do not have a cybersecurity incident response plan applied consistently across the enterprise.
In a bid to assess the savings created when a cyberattack is contained quickly and effectively, the Institute referred to a previous study and concluded that companies who can respond quickly and efficiently to contain a cyberattack within 30 days save over US$1 million on the total cost of a data breach on average.
Automation obviously plays a significant role when it comes to being quick and effective in the aftermath of a cyberattack — which is why the Ponemon Institute was keen on evaluatig the impact of automation on cyber resilience in their study this year.
In the context of their research, automation refers to enabling security technologies that augment or replace human intervention in the identification and containment of cyber exploits or breaches.
These technologies depend upon artificial intelligence, machine learning, analytics, and orchestration.
When asked if their organization leveraged automation, only 23 percent of respondents said they were significant users, whereas 77 percent said they only use automation moderately, insignificantly or not at all.
Organizations with the extensive use of automation rate their ability to prevent (69 percent vs. 53 percent), detect (76 percent vs. 53 percent), respond (68 percent vs. 53 percent) and contain (74 percent vs. 49 percent) a cyberattack as higher than the overall sample of respondents.
According to a previous study by the Institute, the failure to use automation is a missed opportunity when it comes to strengthening cyber resilience.
Organizations that fully deployed security automation reported saving up to US$1.5 million on the total cost of a data breach, contrasted with organizations that did not leverage automation.
“Automation plays an increasingly important role in cybersecurity programs. Automation serves as a force multiplier by taking routine tasks off the plate of the cybersecurity team and allowing specialists to focus their effort on adding higher-level value to the organization,” said IDC Adjunct Research Analyst Mike Chapple.
The reality is, given the lack of talent in the cybersecurity space and the growing surface area vulnerability and sophistication of attackers, businesses need to focus on bringing more automation into their cybersecurity strategy.
The sooner businesses get started with automating their cybersecurity detection and defense capabilities, the sooner they will be able to test these out and ensure they’re less attractive of a target compared to peers in the same space.