Best practice: Security operations automation before orchestration

October 24, 2017 Jon Oltsik

Based on numerous conversations with CISOs, I've learned there is widespread interest in automating and orchestrating security operations. In fact, lots of enterprises are already doing so. According to ESG research, 19 percent of enterprise organizations have already deployed security operations automation/orchestration technologies “extensively,” while another 39 percent of enterprises have done so on a limited basis.

Now, we tend to lump automation and orchestration together, but there are vast differences between the two. In a recent survey on security operations, ESG defined the terms:

Automation refers to using technology to automate some type of security operations task. For example, an organization could create remediation rules by using indicators of compromise (IoCs) found in threat intelligence to generate rules for automatically block malicious IP addresses, web domains, and URLs. Typically, automation refers to a single process or task.

To read this article in full or to leave a comment, please click here

Read more...

Previous Article
Food Services Giant Moves Securely to the Cloud Over a Single Weekend
Food Services Giant Moves Securely to the Cloud Over a Single Weekend

When one of the world’s largest food services companies needed a better way to connect its vast distributed...

Next Article
IoT security is critical, hard, achievable: 3 best network practices
IoT security is critical, hard, achievable: 3 best network practices

The rapid adoption and deployment of IoT devices is a significant contributor to digital transformation. To...

Meeting Request: Pick a date and time to have a phone meeting with a Fortinet Security Advisor

Schedule Now