Security Automation Requires Different Skills
- Analysts who have invested a lot of time in developing their skills sometimes resist tools that can do certain things better and faster. They need to recognize they can use these tools to become even more effective as analysts.
- Failing to automate security processes that can be automated is a waste of resources. People are slower and more expensive. They should focus on things they do well.
“If you can write an algorithm to respond to an incident, then it needs to be automated.”
Don Welch, chief information security officer (CISO) at Penn State University, oversees security in a complex IT environment. “We have 24 campuses and 16 colleges with a total of 84 different IT organizations. We have hotels, residence halls, dining, retail, and healthcare. We even have an airport and a nuclear reactor. We deal with just about every compliance framework,” he notes. Welch maintains that securing all of this would not be possible without automation tools.