Labor Day has its roots in a 19th-century effort to celebrate the contributions organized labor unions made to advancing prosperity in the U.S. But in IT security circles labor as an issue has become a very hot topic in the 21st century indeed. Organizations are investing more in security automation with each passing day that makes extensive use of machine and deep learning algorithms to automate a wide variety of security tasks.
In fact, those technologies are now starting to seep into the IT infrastructure layer. For example, VMware at the VMworld 2018 conference this week unveiled a Platinum Edition of VMware vSphere that embeds VMware AppDefense security software in the hypervisor. That security software makes use of machine learning algorithms to make sure that applications only execute code that is specifically permissioned. Michael Adams, senior director for the cloud platform business unit for vSphere, says VMware expects that in very short time the platinum edition will become the default option employed by most IT organizations.
It’s becoming increasingly possible to respond in near real time to threats detected in the wild or when they already compromised systems. ~@mvizardClick To Tweet
Rather than solely focusing on protecting applications from known and unknown things that are bad, VMware is making a case for reducing IT security costs by employ artificial intelligence in the form of machine learning algorithms to shrink the application attack surface.
AI is also being broadly applied to defend against the known bad as well. It’s becoming increasingly possible to respond in near real time to threats detected in the wild or when they already compromised systems. Those capabilities substantially reduce the time it takes to respond to security incidents that can now travel throughout an organization in a matter of minutes.
At the same time, the provisioning and ongoing management of security are being automated as well. Sybox Security, a provider of cybersecurity management tools, published a global survey of 465 IT security leaders this week that finds that cutting costs, a shortage of cybersecurity talent and complexity of the overall IT environment are the top three drivers of investment in cybersecurity automation. The report finds that in terms of labor the top things IT security staffs are doing in terms of most time spent are incident response triage/prioritization and compliance management; firewall configurations and out-of-process changes.
While all these tasks are critically important, none of them really add value to the business. It’s little wonder then that many organizations are keen to automate as much of this effort as possible. In fact, one of the reasons there is so much interest in DevSecOps these days is to transform how security policies get enforced in a way that both serves to make security simpler for developers to embed security policies in their applications. The theory, at least, is this approach will dramatically cut down on the number of incidents that need to be investigated.There needs to be a conversation about how the management of IT security is about to evolve. ~@mvizard Click To Tweet
Of course, truth be told most cybersecurity professionals don’t especially enjoy wasting time on manual tasks that in most cases they recognize should be automated. But there does need to be a conversation about how the management of IT security is about to evolve. The good news is that as many of rote tasks begin to disappear, the long odds cybersecurity teams often face today should increasingly start to tilt much more in their favor.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.