I often talk about automation in my articles and it's a hot topic in general – a quick Google search reveals more than 100 million results for security automation. Given the global shortage of cybersecurity professionals, and the volume and velocity of increasingly sophisticated threats we all have to deal with, humans can't go it alone. Automation helps get more from the people you have – handling time-intensive manual tasks so they can focus on high-value, analytical activities. But the catch with automation is that it has to be applied at the right time in the security lifecycle in order to be effective.
You've likely heard the phrase: "dirty data in, dirty data out." Jumping to the end of the security lifecycle and using automation to take action – like automating playbooks and automatically sending the latest intelligence to your sensor grid (firewalls, IPS/IDS, routers, web and email security, endpoint, etc.) – can backfire. Without first aggregating, scoring and prioritizing intelligence, you can actually exacerbate the dirty data problem.
[...] But with the sheer volume of threat data continuing to climb at a staggering rate, we need to start with the threat – automating how we gather, score and prioritize threat intelligence. Otherwise we're just amplifying the noise, wasting precious resources and hampering security – and that's the dirty secret.
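To make concrete what "aggregate, score and prioritize before you automate" looks like in practice, here is an added example that is not code from the quoted article or from anyone in this thread: a small Python pipeline over constructed sample feeds. The feed names, confidence values, indicators, scoring formula, allowlist and push threshold are all assumptions chosen for illustration; a real deployment would tune them to its own feeds. The point it shows is that a naive "push every feed entry to the sensor grid" step would ship a stale indicator, a low-confidence one, a duplicate differing only in case, and one of our own addresses, whereas the scored and prioritized list contains only the corroborated, recent entries.

```python
import ipaddress
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# Reference time for age calculations (constructed to match the thread date).
NOW = datetime(2017, 9, 22, 12, 0, tzinfo=timezone.utc)

# Constructed sample feeds. "confidence" is how much we trust the feed overall
# (0-100); "severity" is the feed's own 1-5 rating of each indicator.
FEEDS = {
    "feed_a": {"confidence": 90, "records": [
        {"ioc": "203.0.113.10", "type": "ipv4", "last_seen": NOW - timedelta(days=1), "severity": 4},
        {"ioc": "198.51.100.7", "type": "ipv4", "last_seen": NOW - timedelta(days=120), "severity": 5},
        {"ioc": "example.invalid", "type": "domain", "last_seen": NOW - timedelta(days=2), "severity": 3},
        {"ioc": "203.0.113.250", "type": "ipv4", "last_seen": NOW - timedelta(days=1), "severity": 5},
    ]},
    "feed_b": {"confidence": 60, "records": [
        {"ioc": "203.0.113.10", "type": "ipv4", "last_seen": NOW - timedelta(hours=6), "severity": 3},
        {"ioc": "192.0.2.55", "type": "ipv4", "last_seen": NOW - timedelta(days=3), "severity": 2},
        {"ioc": " Example.INVALID ", "type": "domain", "last_seen": NOW - timedelta(days=1), "severity": 2},
    ]},
    "feed_c": {"confidence": 30, "records": [
        {"ioc": "192.0.2.55", "type": "ipv4", "last_seen": NOW - timedelta(days=1), "severity": 4},
    ]},
}

# Constructed allowlist: infrastructure we must never push as a block rule
# (think of it as our own VPN gateway), whatever a feed says about it.
ALLOWLIST = [ipaddress.ip_network("203.0.113.250/32")]

PUSH_THRESHOLD = 50  # assumed minimum score before an indicator reaches the sensor grid


def normalize(ioc, ioc_type):
    """Canonical form so the same indicator from different feeds collapses into one."""
    value = ioc.strip().lower()
    if ioc_type == "ipv4":
        value = str(ipaddress.ip_address(value))  # raises on malformed input instead of passing it on
    return value


def freshness(last_seen, now=NOW):
    """Decay factor: recent sightings count fully, old ones barely at all."""
    age = now - last_seen
    if age <= timedelta(days=7):
        return 1.0
    if age <= timedelta(days=30):
        return 0.5
    return 0.1


def aggregate(feeds):
    """Group every sighting by normalized (indicator, type) across all feeds."""
    grouped = defaultdict(list)
    for name, feed in feeds.items():
        for rec in feed["records"]:
            key = (normalize(rec["ioc"], rec["type"]), rec["type"])
            grouped[key].append((name, feed["confidence"], rec["severity"], rec["last_seen"]))
    return grouped


def score(sightings, now=NOW):
    """Best single sighting plus a corroboration bonus per additional feed, capped at 100."""
    best = max(conf * sev / 5 * freshness(seen, now) for _, conf, sev, seen in sightings)
    distinct_feeds = len({name for name, *_ in sightings})
    return min(100.0, best + 10 * (distinct_feeds - 1))


def is_allowlisted(ioc, ioc_type):
    """True for addresses inside any allowlisted network (only IPv4 handled here)."""
    if ioc_type != "ipv4":
        return False
    addr = ipaddress.ip_address(ioc)
    return any(addr in net for net in ALLOWLIST)


def prioritize(feeds, threshold=PUSH_THRESHOLD, now=NOW):
    """Return the indicators worth pushing to the sensor grid, highest score first."""
    result = []
    for (ioc, ioc_type), sightings in aggregate(feeds).items():
        if is_allowlisted(ioc, ioc_type):
            continue
        s = score(sightings, now)
        if s < threshold:
            continue
        result.append({"ioc": ioc, "type": ioc_type, "score": s,
                       "sources": sorted({name for name, *_ in sightings})})
    result.sort(key=lambda r: r["score"], reverse=True)
    return result


if __name__ == "__main__":
    for entry in prioritize(FEEDS):
        print(f"{entry['score']:5.1f}  {entry['type']:6}  {entry['ioc']:20}  {entry['sources']}")
```

Run as a script, it prints only two lines: 203.0.113.10 (seen by two feeds, recent) and example.invalid (the feed_b duplicate has been folded into the feed_a entry). The 120-day-old 198.51.100.7 decays below the threshold, 192.0.2.55 is only corroborated by low-confidence feeds, and 203.0.113.250 is dropped by the allowlist despite a high raw score. Those four discards are exactly the "dirty data" the article warns would otherwise be amplified straight into firewalls and IDS rules.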
(Score: 2, Insightful) by anubi on Friday September 22 2017, @12:22PM
My own feeling is we have made something so complex that it is no longer manageable.
Our DNA is only 3 GB [google.com] of code... (uncompressed at that!). How many GB of code does the current digital beast consume? We hardly are beginning to understand the slightest snippets of DNA. And we know there are biological viruses out there that could do us in big-time. Yet we enforce ignorance for our computational infrastructure? Only some entity with ignorance of how computers actually work combined with the authority of Congress would do such a thing.
All this legal "rights protection", electronic locks, obfuscation, and legally enforced ignorance of how stuff works is not helping one iota.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]