Do you really have control over your current security investments?

How to Leverage Automation to Secure Your Remote Workforce

Adopting end-to-end security automation is a top priority for most enterprises – but the rapid shift to remote work models has forced many organizations to accelerate their adoption of automation. Faced with new challenges of reestablishing baselines and a growing number of endpoints, how can security teams leverage automation to maintain visibility and secure their remote workforce?

In the fourth webinar in our series on securing remote workforces, ReliaQuest VP of Product Management, Jason Pfeiffer, moderates a panel of security experts who provide practical guidance on leveraging automation for faster response. The panel, consisting of Joe Partlow, ReliaQuest CTO, and Chris McFarland, VP, CISO at Abercrombie & Fitch Co., offers the following advice:

1. Update your security automation playbooks to reflect your new baselines.

As organizations switch to remote operations, baselines around insider threat and user behavior analytics must be reevaluated to reflect your new normal environment conditions. Look at use cases around geo-tracking and login times, as users are now working from different locations and at times of day they likely didn’t work before.

As your security team establishes what the new normal looks like at your organization, update your security automation playbooks to reflect corresponding anomalies to decrease false alarms and allow faster response.

2. Take a risk-based approach, prioritizing automation that enables business continuity and consistency.

As the economy has also shifted to a largely online dependency over the past weeks, enterprises across varying industries must reevaluate their security priorities to align with new strategies to generate revenue.  Those in retail, for instance, have been forced to quickly switch over to an almost exclusively digital business model.   Security professionals must make critical decisions to balance security and confidentiality while keeping their digital business available at all times.

To decide where to focus your security automation efforts, start by working with executive peers and stakeholders to detail how your business priorities have changed, as well as changes to where your sensitive data lives.  From there, you can determine the greatest risks to the evolved business. For many security professionals, this results in shifting focus to redoubling endpoint protection. Automation can then be used to push out patches and updates on your endpoints, saving time and energy from doing these processes manually and improving consistency.

3. Think of creative ways to leverage automation, including among your operational teams to streamline processes.

As IT and security operations teams get pulled into multiple directions, enterprises should look for ways to automate mundane tasks to free up time for these teams to focus on higher business priorities.  This means looking at automation creatively, beyond just running scripts.

For example, you can leverage automation when determining what insider events are malicious or merely a result of users adjusting to a new remote lifestyle.  One creative way to do this is to send automated surveys to users, in which you can request specific feedback on ways they’ve adjusted to working from home.  By automating these feedback loops, you can identify where your greatest user risks are, and address these by tuning alerts or providing user awareness training.

During this time, it is essential for businesses to take advantage of any opportunities for improving efficiencies. By establishing new baselines and leveraging automation in creative ways, enterprises can work towards faster and more consistent response, all while enabling business continuity and decreasing risk.

What steps are needed to set your team up for end-to-end security automation success?

Watch the 10-minute webinar to find out: Ready, Set, Automate!

More Articles

3 Signs It’s Time to Rethink Your Security Operations Strategy

Today, the security industry is over-saturated with technologies and tools. While many enterprises have established or are setting a foundation for their security operations with Security Information and Event Management (SIEM) and Endpoint Detection and Response (EDR), there are countless point solutions arising to extend them, from SOAR to CASB, UEBA and more. Although each […]

4 Highlights From ReliaQuest’s Week At RSA Conference 2019

The RSA Conference is the largest security conference in the world, with more than 50,000 security experts in attendance last week for the event in San Francisco. ReliaQuest, a global leader in cybersecurity, used the opportunity to meet with customers and prospects, and educate the industry on new trends and technology. Here are 4 highlights […]

5 Ways to Use Continuous Attack Simulations to Validate Your Security Controls

How confident are security teams that their controls will catch attacks when they arise? Ask around, and you might notice a theme: as enterprise security models grow in complexity, teams struggle to validate their security controls, increasing the likelihood of undetected breaches, gaps in protection, and weaknesses from unpatched systems. These scenarios are indeed worrisome, […]