EDITOR ’ S QUESTION
TONY ZABANEH MANAGER , SYSTEMS
ENGINEERING , FORTINET
Automation might create some resistance among different team members in the beginning as being something new and out of the norm of what people have been doing for a while .
Process and operation automation are rather a long process and as you rightly said , it is a journey . As a security vendor we tend to advice and help customers when it comes to automation from an IT security point of view as automation – as an umbrella term – can get into almost every aspect of an organisation core and support functions .
Under the general circumstances , Automation provides many benefits , including faster response times , greater efficiency , and cost savings . However , to begin this journey , CIOs and IT decision-makers must follow a systematic approach that covers various aspects of IT security automation
A very first step is ideally to Identify the processes and operations that can be automated , the technology required , and the potential benefits , and that would require a detailed assessment of the current security operation and processes .
Once you have a clear insight towards which processes and operations that can be automated , a second task would be to identify the right technology and tools that can satisfy the organisation ’ s specific requirements .
Training IT security staff and operations for the new automation technology is important as it requires new skills and knowledge .
A later step would be to plan the implementation of automation technology , that is a critical step and especially for security focused solutions , and when done correctly the benefits would be phenomenal .
This would be due to fast response times to threats and its exposure , planning is normally done in a phased manner , starting with a few processes , and gradually scaling up . adequate resources , budget , and infrastructure to implement the technology effectively are key for a successful implementation .
Automation might create some resistance amongst different team members in the beginning as being something new and out of the norm of what people have been doing for a while , thus training of IT Security staff and operations for the new Automation technology is important as it requires new skills and knowledge in order for them to use the new technology effectively .
Automation of processes would require deep and tight integration between different technologies within the organisation , when it comes to security , relaying on an automation logic that might have gotten broken between different software upgrades can actually do more harm .
It is important to keep on monitoring the automation process and its outcomes with clear dashboards and clear views if anything goes wrong , it is also important to have continuous drills and tabletop exercises and simulations that sharpens the skill set of the IT staff , and as well tests the responses of the automation tactics you have in place .
In conclusion , CIOs and IT decision-makers must adopt a systematic approach to automation to ensure that the implementation is successful . A successful automation implementation can help organisations achieve greater efficiency , faster response times , and significant cost savings while improving the overall security posture of the enterprise .
34 INTELLIGENTCIO MIDDLE EAST www . intelligentcio . com