By Leonid Belkind, CTO and Co-Founder, Torq
Security automation continued to have significant, positive impact across myriad cybersecurity applications in 2022, with enterprises adopting and deploying no-code platforms to significant success. However, the security automation vendor and customer ecosystem cannot rest on their collective laurels.
In 2023, cyberthreats will relentlessly continue apace with exponentially-increasing complexity and impact. And this will occur within an adverse macroeconomic climate. Many experts believe we are likely to experience a 2023 downturn, resulting in static or shrinking budgets, and pressure to do more with existing resources.
Here are some key challenges and opportunities the security automation community is likely to encounter as 2023 unfolds:
The Attack Surface Continues Expanding
Despite all the security awareness and training in the world, threat actors and their methods continue becoming more sophisticated, with novel, insidious new ways of deploying threats, and psychologically manipulating users. Therefore, the cybersecurity attack surface is likely to get bigger, not smaller.
The fact is there can be no standing on one’s laurels any longer and no organization will ever be 100% safe from human error. Security automation and zero-trust are proactive approaches that mitigate these issues, because they acknowledge that it’s not a question of if an attack will occur, but when.
Increasing Pressure to Maximize Value of Existing Security Stacks
The current economic climate dictates all enterprises become more efficient in their spending. IT and Security leaders will look for ways to derive maximum value from their existing tech stack, rather than adding more point solutions to it.
Security automation unifies existing security investments and harnesses their potential, enabling organizations to get more bang for the buck from them. Further, with no-code security automation, a broader range of employees are able to take advantage of and play a key role in achieving an optimal cybersecurity posture. Security automation truly goes far beyond cutting expenses, and enables organizations to become more secure, efficient, flexible, resilient, and future proof.
No More Dark Corners
The security automation ecosystem will open up, so previously disparate security systems can talk to each other. Cybersecurity cannot exist in a vacuum. Systems, applications, and tools must become interoperable and interconnected. Security automation enables the seamless bridging of these systems, bringing them together under one roof, for comprehensive management, monitoring, and measurement.
Security Automation Democratizes Security Processes
Security processes will become more of a shared responsibility, in which employees, R&D, DevOps, and IT are true partners and collaborators in protecting their organizations. For example, in 2023, security automation systems will likely expand to validate end users’ identities and enable them to have temporary security clearances to engage in system updates, credential retrieval, and remote access with dramatically minimized risk. This is enabled through integration across communications and project management tools, anchored by workflows that ensure accurate verification and access controls.
Shift-Left SecOps Comes to the Fore
Security automation will evolve from an addition to a security strategy to a fundamental pillar at the earliest stages of the security development lifecycle. Security automation is rapidly becoming critical from the outset of considering an organization’s security posture, as it transforms from “nice to have” to “critical must have” status. Cloud native technologies such as declarative APIs, microservices, and containers will make it easier for security teams to build security automation into their approaches.
Security Automation Becomes Collaborative and Social
Moving forward, it isn’t enough to create workflows on an as-needed basis. Rather, these workflows must be able to be replicated and shared between colleagues and partners. Once an optimized security workflow has been created, why silo it into one use case? Why not make it available for others to deploy?
This is analogous to the “open sourcing of security,” meaning workflows aren’t just one-offs. Instead, many can be reused and tweaked for different use cases, further saving time and increasing productivity. Security automation vendors will “bake in” collaboration and social sharing into their platforms, as well as provide a way to export data so it can be used across myriad analytics and BI tools.
Security vendors will also pursue creating comprehensive workflow libraries, in addition to template libraries, and make them easily available for instant deployment to their customers. This could occur via GitHub-style access.
Security Automation Closes the Cybersecurity Skills Gap
Security automation will enable more “non-security” professionals to enter cybersecurity. No-code security automation, with its prebuilt workflows and templates, will democratize cybersecurity as a profession, meaning it will eliminate technical barriers, and coding/development knowledge requirements, while enabling staff to deliver the most precise, reliable, and resilient cybersecurity posture possible.
About the Author
Leonid Belkind is a co-founder and Chief Technology Officer at Torq, a no-code security automation platform. Prior to Torq, Leonid co-founded, and was CTO of Luminate Security, a pioneer in Zero Trust Network Access and Secure Access Services Edge, where he guided this enterprise-grade service from inception, to Fortune 500 adoption, to acquisition by Symantec. Before Luminate, Leonid managed engineering organizations at Check Point Software Technologies that delivered network, endpoint and data security products to the world’s largest organizations.
Leonid can be reached online on Twitter, LinkedIn and at our company website https://torq.io
Source: www.cyberdefensemagazine.com