Improve Your Security Posture with Automation

Today’s fast-changing economic climate is pushing CISOs to do more with less while still reducing risk to their environment. Automation can play a role in increasing efficiency and improving security posture. In this blog series, Broadcom Software partner Braxton-Grant will look at the key factors to consider when implementing automation in your network.

Cybersecurity attacks are on the rise. In fact, Google recently reported there has been a 300% increase in state-sponsored cyberattacks targeting users in NATO countries, compared to 2020. Organizations need to improve their security posture while also increasing efficiency to successfully compete during these uncertain economic times. 

Security posture is your state of cyber readiness – it’s the corporate guardrails, from policy to tools to training, that protect your organization. These corporate guardrails can be raised or lowered (think of it as your security “dial”) based on your risk tolerance. Security policy automation can measurably improve your security posture, yet today the majority of security automation is reactive – organizations only create, deploy and automate new controls after a security incident.

Today’s fast-changing business conditions require organizations to take a more proactive approach. Also, policy can get stale and out-of-date. You don’t want to invest your resources in automating policy that is no longer critical to maintaining your security posture. In future blogs in this series, we’ll examine the importance of policy auditing and cleanup before you decide what policy to automate.

The Benefits of Security Policy Automation

What is a security policy? Security policy essentially comprises the rules for your security program and is the foundation for maintaining your security posture. These policies should continuously be updated as technologies, vulnerabilities and security requirements change. There are numerous benefits for automating security policy. Below are just a few to consider:

• Resource Utilization: Today organizations constantly need to do more with fewer staff and other resources. Automation can reduce team hours spent on low risk, repetitive tasks so they can prioritize and maximize their time on other projects.
• Optimization: Runbooks are a set of standardized written procedures for completing repetitive information technology (IT) processes within a company. Automation can optimize your runbook processes while reducing the risk of human error when the same tasks are handled manually.
• Configuration Management: Configuration management is a governance and systems engineering process used to track and control IT resources and services across an enterprise. For business leaders, configuration management is a valuable instrument in security, business governance and compliance efforts. Automation can help enforce an organization’s security rules to meet compliance requirements.

Let’s take a look at a real-world example of how policy automation was used to improve resource utilization and deliver a strong security posture.

Using Automation: Think Out-of-the-Box

As a longtime Broadcom partner, we work closely with customers across all verticals to improve their security posture. One of our customers, a financial institution, had users who repeatedly requested – and were blocked – from accessing a website; each request created a ticket that had to be handled, investigated and approved by a single person. The customer wanted to create and automate a new policy that would check and approve these repeat user requests that posed a low risk to the organization.

The financial institution was using Broadcom products, but was not using Automic Automation at the time. As we will discuss in future blog posts, one of the keys to successful automation is using the right tool. Automic Automation is a Broadcom product suite that provides workload automation for IT services across diverse platforms, applications, and operating systems. This includes batch processing and job scheduling, among other capabilities. Although it is a universal platform for doing automation, we had never viewed Automic Automation as a platform to facilitate network security automation – until now.

We decided to think “out-of-the-box” to solve this particular customer security policy automation challenge. We deployed Automic Automation, which quickly became the glue to help assist the technicians who administer web policy to do their jobs without physically having to make the changes themselves. They didn’t need to log in at midnight to apply the policy change and approve the ticket; Automic Automation could apply that change for them and then they would just receive an email that confirmed, "Yep, job fired off. Policy was pushed."

Prior to this use case, Automic Automation primarily was used by DevSecOps to roll out new systems and configure components. This challenge by our financial customer provided us with an opportunity to find a way to apply the platform’s benefits from a network security perspective. In fact, the solution addressed a much larger swath of customer challenges than even the customer had specified.

Going Forward

After a quick assessment of its current business processes and security policies, the financial customer recognized that a new 24/7 approach was needed to deal with the growing number of user tickets. In this case, automation using the right tool, Automic Automation, was the answer. What processes or tasks should your organization automate? In the next article in this series, we will discuss the first part of your automation journey: Assessment. In the piece, we’ll look at why it is important to assess your current processes to better understand what can – and cannot – be automated.