Leveraging automation to maximize security budgets

With the economic impact of COVID-19 increasingly looking like an imminent recession and the way we do work altered perhaps forever, CIOs and CISOs will most likely be managing reduced budgets and a vastly different threat landscape. With the average cost of a breach continuing to skyrocket, the already slim margin for error will shrink even further.

Automation can both mitigate inherent risks incurred from rapid ecosystem shifts as well as help IT teams re-evaluate long term spending once operations return to normalcy. By leveraging automated security tools, organizations can develop a dynamic understanding of the assets in their network, the risks most likely to be exploited, and the potential impact to the enterprise. The result is an always up-to-date, prioritized view of the most impactful moves an infosec team can make at any given time to minimize the likelihood of a breach.

The race to meet new threats

The rapid transition to remote work pushed a greater share of digital infrastructure onto new applications, as yet unproven in the enterprise, and distributed risk across potentially insecure employee home networks. 60% of IT teams say that COVID-19 has already impacted their role, a number almost certain to grow as the crisis evolves. Already stretched and under resourced, infosec teams must scramble to secure now widely used cloud, remote access software and collaboration tools.

That impact is just the beginning as organizations need to balance flexible infrastructure with security. Cloud security continues to be a major concern for the enterprise, with 4 in 5 users say they have encountered major security concerns. Some threats, like insecure devices on employee home networks, the same networks managed devices are now connected to, are largely outside the control of infosec teams.

Since malware is 3.75 times more likely to be found on corporate-associated home networks than corporate networks, employees connecting corporate devices to these networks introduces thousands of new endpoints to the threat landscape. With tens to hundreds of millions of security relevant signals to monitor on an ongoing basis, security is no longer a human scale problem. Without automation, infosec teams must prioritize based on guesswork and gut instinct.

Automation to the rescue

Malicious actors ranging from lone wolves to state-affiliated groups have been found to be taking advantage of the COVID-19 crisis at all levels, from phishing emails targeted at stressed employees to credential stuffing attacks aimed at popular enterprise applications.

With risk growing at such an exponential rate, automated management tools can help security teams streamline operations and better manage vulnerabilities. Successful infosec strategies start with asset inventory, an accurate, up-to-date inventory of the hardware and software assets connected to the enterprise network.

The focus needs to be on leveraging tools that keep a continuous, real-time inventory, not only categorizing each asset, but calculating business criticality as well. Since risk is a factor of the likelihood and impact of a breach, understanding business criticality is necessary when calculating impact.

Automated tools can track and inventory vulnerabilities across the entire enterprise attack surface, ranging from a user sharing the same password between work and personal applications to an outdated software version that is missing a critical patch.

The next step is prioritization: a security team lacking human capital is unlikely to have the time or resources to evaluate all vulnerabilities for potential impact and ability to be exploited. Automated risk management tools can streamline the process by analyzing both the immediacy of the vulnerability as well as the impact it would have. For example, if the password re-using employee has a high level of access across the corporate network, an automated security visibility tool could flag that as a higher priority need than the software missing a patch.

Automated prioritization ensures that infosec teams can maximize their resources and focus on vulnerabilities that pose the highest risk at any particular time, a key feature when the risk landscape is rapidly evolving.

Maximize security budgets: Ready for the long haul

Security teams are at the forefront of managing the impact of the current macroeconomic and societal reality. Combining smaller budgets with the need to deploy new devices and on-board new software tools means it is harder than ever to deal with escalating threats from hackers seeking to exploit the expanding digital enterprise. With automation, IT teams can effectively triage existing vulnerabilities and build a solid foundation for long-term security.