Security Automation Begins With Visibility
- The key point for security is knowing what you have, and being able to monitor and log all activity related to those IT assets.
- More advanced tools can identify and track unusual activity and provide information about exactly what was happening in the network at the time the activity began. Taking action is the ultimate goal, and this, too, is becoming automated.
“You should be automating everywhere you can, but you can’t just
start automating out of the gate.”
Maintaining security depends on three things: being able to see and collect activity data, being able to interpret the significance of that data, and being able to act on the data. Because of the complexity of today’s IT environments and the need to respond quickly to threats, automation plays an essential role in each of these areas. “You should be automating everywhere you can,” says Steve Stonebraker, principal security architect at a financial-services company. “But you can’t just start automating out of the gate.”