WootCloud Blog

What’s Next: Intelligent SecOps Automation For The Unknown

Boosting Existing Security Platform Capabilities for What’s Next is Critical to Success and Survival

In December, we discussed how Research and Industry Leaders Agree – “What’s Next” is Happening, highlighting our running theme: the confluence of IoT growth, 5G, and WFA, coupled with increases in cyberattacks from many angles, is creating an incredibly challenging environment for security professionals.

Specific to IoT, we highlighted recent Forrester Research that showed 69% of enterprises claim to have more IoT devices on their networks than computers, and 84% of security professionals believe IoT devices are more vulnerable than computers.

On the bright side, Forrester also noted that in 2022, Intelligent Automation (IA) will generate $134 billion in labor value by enabling businesses to shift staff, skills and investment toward critical functions such as innovation, augmenting the customer experience or operational efficiency. Security will be part of many of these.

Common Themes in 2022 Planning, “How Best to Overcome SecOps Challenges?”

  • How to reduce burnout among SecOps professionals?
    • CardinalOps discovered that 15% of SIEM rules lead to 95% of the tickets handled by a SOC, demonstrating that a small percentage of noisy rules overwhelm SOC analysts with distracting false positive alerts. Correct implementation of fine-grained alerting is critical for separating key security and operational signals from the noise.
  • How to get more leverage from existing security tools vs buying new ones?
    • Chris Hazelton, director of security solutions at Lookout, a provider of mobile phishing solutions, said it was a matter of doing the math to see how this is playing out. “Before COVID-19, SOCs were focused on securing one or more offices. Now, SOCs are focused on securing hundreds or thousands of home offices.” The ability to see all devices accessing the network and in your airspace across all users is essential. You can only manage what you can (see and) measure.
  • How to boost ROI for SOCs?
    • Ponemon reported nearly half of the organizations surveyed by researchers (45%) predicted salaries to jump an average of 29% in 2020. The report said that more than half the costs of running a SOC are labor-related, with the average cost of maintaining a SOC being around $3 million — $1.46 million for labor, and $1.4 million for everything else. Leveraging tools and solutions with AI/ML to augment this scarce and expensive talent pool is critical for your SOC’s success.
  • How to modernize SOCs?
    • The new generation of SOC technologies is being designed to solve issues around alert fatigue, tool inundation, disparate data sets, burnout and more. Security tools need to ingest telemetry and other IT and security tool data seamlessly, use AI/ML proficiently, and have automation and remediation natively built into workflows.

For those of you in Northern California, WootCloud will participate in a CISO and security executive event in mid-March discussing this with tech leaders, other security firms, security firm investors, and security-focused partners.

Hyperautomation is Transforming Operations

Current conventional wisdom is that AI is the key to transforming any enterprise app or platform, but the reality is that most AI currently requires serious “ditch digging” in large pools of data before it benefits an enterprise. AI is only part of the transformational equation; the second, frequently missing part is Robotic Process Automation, or RPA. When AI and RPA are correctly combined and applied, the result is hyperautomation.

The pandemic created an inflection point, prioritizing workers’ safety and the technologies needed to support them. The labor shortage, which began before the pandemic, has become an even more challenging constraint, and it is accelerating the use of hyperautomation to improve process performance from the shop floor to the top floor.

A recent example in practice: Deloitte used IBM’s AI-augmented RPA solution to transform a Latin American client’s monthly reporting cycles, automating the generation and error-checking of reports garnered from dozens of sources, with a direct link to Central Bank figures so currency exchange figures were constantly updated. The total time spent on report generation went from almost two working weeks to just a single hour per month, while the same Smart RPA reduced monthly travel expense report preparation from three hours to ten minutes.

Consider Intelligent Automation with Nuanced Controls for Security and Operations

Our mission, like yours, is to provide your employees, students, faculty and more with a safe, user-friendly and secure environment by:

  • Giving full visibility – with RF and network sensors seeing 100% of your devices and infrastructure, encompassing all stages of attack: infiltration, persistence, and exfiltration
  • Reducing Mean Time to Resolution (MTTR) – with AI/ML-powered, automated remediation that drives >70% reduction in threat hunting times
  • Boosting user experience – by reducing support ticket volumes and lowering alert noise for a >60% gain in operational efficiency (~1.4 FTE service savings per site/per shift)

Each of these benefits on its own can offer 5-6 figure USD savings per year, shortening the payback period on your investment.

The perfect cybersecurity storm has arrived. Consider intelligent device and infrastructure security today.

To learn more in a zero-touch, no-obligation demo or POC, please contact us.

Contributing Authors:

Andreas Stenzel
