NASCIO 2021: Automation Is the Future of Cybersecurity, CISOs Say
Speaking on the same panel, Washington state CISO Vinod Brahmapuram agreed that automation was the future of cybersecurity, but also explained how cybersecurity is a business enabler. The pandemic elevated the visibility of cybersecurity functions, he said, and gave CISOs a seat at the table hosting business deliberations and decisions.
“Security officers have learned you are not just a reactive person. You have the opportunity more than ever now to be proactive. You are part of the business discussions,” Brahmapuram said.
Threat actors are far more sophisticated, he warned. More important, they are tremendously persistent. This persistence calls for automation that can keep up with unrelenting attacks around the clock.
“Cybersecurity done right is a business enabler,” Brahmapuram said.
Blyth underscored the importance of machine learning and automation as well as threat intelligence. These elements help CISOs adapt and evolve cybersecurity protections to keep pace with threats.
“The security operations center must evolve to incorporate all of those things,” Blyth said.
She recalled that Colorado’s SOC was staffed with three skilled analysts. However, when one analyst would depart for the private sector, colleagues would also be recruited. SOCs may benefit from automation, freeing analysts to handle a diverse range of tasks including scripting. This change in business may produce a wider pool of talent from which to hire analysts, Blyth said.
“There are better things for analysts to be doing with their time than looking at their monitors,” she said.
MORE FROM STATETECH: Find out how agencies can guard against a new wave of phishing attacks.
Training Employees Remains Critically Important for Security
Blyth recalled that when Colorado sent employees to work from home when the COVID-19 pandemic struck in March 2020, many had never previously used VPN tools. Even using a long-trusted technology, they still required training to do their jobs.
Similarly, the Colorado Governor’s Office of Information Technology had instituted two-factor authentication for accessing state networks remotely, but many employees never had to use the security measure before 2020.
“We had already rolled out two-factor authentication, but we still had to teach a lot of people how to use two-factor authentication,” Blyth said.
Training also can open employees to adopting new things, Blyth said. Some information specialists still resist cloud because they don’t know the cybersecurity capabilities of cloud computing, for example. “If you haven't trained your security teams, they are going to be resistant,” she said.
Check out more coverage from the NASCIO 2021 Annual Conference and follow us on Twitter at @StateTech, or the official conference Twitter account, @NASCIO, and join the conversation using the hashtag #NASCIO21.
Gloss