Create a culture of knowledge sharing
Posted: Mon Feb 10, 2025 10:28 am
Automation is used in enterprises as a way to manage SOAR . Finding qualified security professionals is difficult, and automation is one of the tools that organizations use to reduce the staffing burden.
However, complex SOAR tools can be a source of anxiety for some organizations. The security team simply doesn’t know what they’re automating and can quickly become paralyzed by the fear that automation will inadvertently cripple the business. What if an automation tool shuts down a critical server farm or isolates it from the network in the name of improving security? The possibilities for disaster are endless.
The solution is to combine information, technology, and australia whatsapp data between the IT and security teams. The former already has a configuration management system and other operational tools that can be used to make automation decisions based on their actual business impact.
These tools can take into account various aspects, such as the business's exposure to risk, and make more informed decisions on how to respond when a security incident is detected. The key is to bring IT and security teams together and get them to share the knowledge that is readily available in the technologies they have already invested in.
Why does this silo still exist? A common excuse is that security needs to prevent access to certain sensitive documents, and therefore needs its own tools. But with today's technology, there is simply no need for separate tools or even separate processes, whether it's incident management, change management, configuration management, etc.
With this in mind, it is more important than ever to embed security into various value streams (e.g., the IT4IT reference architecture ) to ensure security for the business proactively, rather than after the fact. This is called “security by design.”
However, complex SOAR tools can be a source of anxiety for some organizations. The security team simply doesn’t know what they’re automating and can quickly become paralyzed by the fear that automation will inadvertently cripple the business. What if an automation tool shuts down a critical server farm or isolates it from the network in the name of improving security? The possibilities for disaster are endless.
The solution is to combine information, technology, and australia whatsapp data between the IT and security teams. The former already has a configuration management system and other operational tools that can be used to make automation decisions based on their actual business impact.
These tools can take into account various aspects, such as the business's exposure to risk, and make more informed decisions on how to respond when a security incident is detected. The key is to bring IT and security teams together and get them to share the knowledge that is readily available in the technologies they have already invested in.
Why does this silo still exist? A common excuse is that security needs to prevent access to certain sensitive documents, and therefore needs its own tools. But with today's technology, there is simply no need for separate tools or even separate processes, whether it's incident management, change management, configuration management, etc.
With this in mind, it is more important than ever to embed security into various value streams (e.g., the IT4IT reference architecture ) to ensure security for the business proactively, rather than after the fact. This is called “security by design.”