The Best and Worst Tasks for Security Automation

As with all new tech, there are good times and and bad times to use it. Security experts share which tasks to prioritize for automation.
Do Automate: Identity and Access Management
Do Automate: Patching
Do Automate: Nonsophisticated Malware Detection
Do Automate: Data Protection
Don't Automate: Social Engineering Attacks
Don't Automate: Penetration Testing

Automation may change the nature of security jobs, but it won't be taking them away anytime soon. While great for some tasks as more of a supplementary tool, other tasks are still best left fully for people.  

Where you decide to automate depends on where the benefits outweigh the risks, says Rob Boyce, managing director at Accenture Security. And the level of risk you encounter depends on how you approach the process and which tasks you choose to automate.

While automation tools have come a long way, there's still room for improvement, he adds. Decisions remain about how it should evolve and where it fits in the business. In its current form, the tech works well for simple tasks but hasn't advanced to address complex ones.

In addition, the machine-learning algorithms powering automation are still imperfect. "Machine learning isn't always a yes or a no," says Corey Nachreiner, CTO at WatchGuard Technologies. Oftentimes people still need to analyze results to determine what they mean.

Automation, Boyce says, requires a thoughtful approach. Here, Boyce and Nachreiner weigh in on which security tasks can be prioritized for automation, and those where it doesn't quite work. Where have you implemented automation so far, and where have you found it most effective? Feel free to share your story in the comments.

Why Cybercriminals Attack: A DARK READING VIRTUAL EVENT Wednesday, June 27. Industry experts will offer a range of information and insight on who the bad guys are – and why they might be targeting your enterprise. Go here for more information on this free event.

Next slide
Recommended Reading: