Best practice: Security operations automation before orchestration

Jon Oltsik

Based on numerous conversations with CISOs, I've learned there is widespread interest in automating and orchestrating security operations. In fact, lots of enterprises are already doing so. According to ESG research, 19 percent of enterprise organizations have already deployed security operations automation/orchestration technologies “extensively,” while another 39 percent of enterprises have done so on a limited basis.

Now, we tend to lump automation and orchestration together, but there are vast differences between the two. In a recent survey on security operations, ESG defined the terms:

Automation refers to using technology to automate some type of security operations task. For example, an organization could create remediation rules by using indicators of compromise (IoCs) found in threat intelligence to generate rules for automatically block malicious IP addresses, web domains, and URLs. Typically, automation refers to a single process or task.

To read this article in full or to leave a comment, please click here

Read more...

Previous Article
ETSI addresses cybersecurity risk management in new report
ETSI addresses cybersecurity risk management in new report

ETSI is taking on the growing cybersecurity risk issue by releasing its ETSI TR 103 456 report.

Next Article
MegaPath adds Fortinet security to its SD-WAN portfolio
MegaPath adds Fortinet security to its SD-WAN portfolio

MegaPath has integrated Fortinet cybersecurity technology into its SD-WAN portfolio.

Fortinet a Gartner Enterprise Network Firewall Magic Quadrant Leader

Read the Report