What are the benefits of Cybersecurity automation?

While zero-trust cybersecurity architectures are in trend, everyone in federal IT security seems to be holding onto it. What underpins the move to zero-trust is automation.

Experts, including inside and outside the government are addressing for accelerated adoption of cybersecurity automation. Automation tools can identify if a user is accessing a network or a piece of data, and also can automate response sending alerts to analysts. This could save time and money of an agency and allow cybersecurity analysts to focus on analysing data and come up with new security strategies.

According to GCN, Mike Witt, Associate CIO for cybersecurity and privacy at NASA, said, "We've got to get away from the mind-set of 'you can account for every alert.' You've got to embrace orchestration and technologies- artificial intelligence, machine learning. You have to embrace this." He further added, "You have to take advantage of playbooks and push your teams to make a lot of these automated responses, so that you can focus on your limited analyst power on some of the more exciting things."

DOD Leads to Cybersecurity Automation

Wendi Whitmore, vice president of IBM X-Force focuses on incident response and threat intelligence, states, "Anything working under U.S. Cyber Command, which is much of the military, is a fantastic example."

"Although the costs of data breaches in the U.S public sector is likely higher than average, federal agencies are leading the way on cybersecurity automation and orchestration," Whitmore adds.

This Year's IBM's "Cost of a Data Breach Report" released on July 29 "is the first time a study could analyse how cybersecurity automation tools impact the cost of data breaches, " Whitmore explains Nextgov. Such tools were not broadly deployed to observe their effect up until now.

The DOD is continuing its use of cybersecurity automation technology. According to FedScoop reports, the Defence Innovation Unit issued another transaction agreement for a new prototype that will bring an "intelligent decision automation platform" to the Air Force Network.

The technique uses an older form of artificial intelligence and is based on data, instead of creating large neural networks. It also uses advanced probability based on mathematics, which speeds up decision making. The publication adds if the pilot is successful in the Air Force, it can be scaled around the military.

Benefits of Cybersecurity Automation in Government

Experts who do not belong to a government agency are lobbying for increased investments in cybersecurity automation. Vice president of Product Strategy at SolarWinds, Brandon Shopp argues that leveraging artificial intelligence and machine learning tools can help agencies improve their approach towards cybersecurity.

Shopp writes in GCN, "AI and ML enable security teams to be more effective with the resources they have. Next-generation automated security technologies can complete tasks such as identifying potential threats, detecting unauthorized behaviours, applying intelligence to qualify incidents, countering and blocking attacks and unauthorized movement of data before execution. As AI and ML become more prevalent in the security market place, agencies can evolve their cybersecurity architecture to respond to altering digital threats."

Organisations that have invested in automation and orchestration have lower values for data breaches such as $2.45 million versus over $6 million.

"And from that perspective, you can very easily map out to government and the federal sector, perhaps outside the financial services industry," Whitmore tells Government Technology.

"Certainly they've made the most investments in cybersecurity and in technologies that permit them to orchestrate the protection and defence of their environment and then automate the technologies they're using to do that," he adds.