Automate cybersecurity! Sounds easy, doesn't it?
Intro
Over the past few years, there has been a significant push to automate everything from driving a vehicle to home facilities management using IoT technologies.
While we all love having something done for us automatically without effort, we should be cautious regarding which things we allow automation to control.
A controversial topic!
I won't give away my viewpoint on the idea of Cybersecurity automation. It's way too early to take a stance, even though I'm not going to lie, I certainly have one and have since I heard the buzzword years ago!
Let's examine the topic to see if there is any plausible reason for automation within the realm of security, or whether it's just another catch-all phrase that will go the way of the dodo before too long.
What is Automation?
In layman's terms, we use automation to perform repetitive tasks that can be broken down into a set of linear and/or non-linear steps. What better device to hand this to than a computer? Computers process information based on instructions passed to the Central Processing Unit and are designed to manage low-level tasks, translating the output into something of utility for human consumption.
Examples are the anti-lock braking (ABS) system on cars and temperature control management systems in refrigerators.
Obviously, without automation in place, we as human beings would find ourselves tied up in a series of mundane tasks. Moreover, it can be argued that without automation, systems that we operate daily could pose a danger to human life due to user error!
Why the Desire to Automate Cybersecurity?
Two groups of individuals within any organization look towards automation to solve their concerns with risk and workload/cost constraints. These groups are as follows:
- Company Executives
- Cybersecurity Practitioners
For company executives, the highest existing risk to their business is cost. Frequently, company leadership will look to automate things that will reduce their expenditures, including processes associated with regulatory compliance. After all, failure to meet some governing bodies' requirements will result in fines, sanctions, and loss of public trust. Any of these consequences directly impacts the bottom line.
Cybersecurity professionals also concern themselves with cost, but usually through a different lens. For instance, the level of effort ranks at the top, then capital expenditure, when planning cybersecurity operations. This is due to the limited resource pool available to the organization at any point in time.
Ultimately the reduction of risk, ease of use, and the lack of human resources are the main reasons for taking on a project to automate Cybersecurity or any of its domains.
Is it Possible to automate Cybersecurity?
Perhaps this is where the rubber meets the road. If you are reading this, I am sure you were looking for the hyperlink that takes you right to my opinion on the subject. Too bad this blogging platform does not offer such automation. Alas, I'll find a code snippet to add to the HTML one of these days!
Let me start by answering this question straight away! No, Cybersecurity cannot be automated! There are many reasons why the answer is no, but we will begin with a few.
- To properly implement cybersecurity measures, the solution must consider people, processes, and technology.
- Cybersecurity measures are always relative to business needs and are driven by the risk tolerance of the business and its executives.
For instance, let's consider physical security methodologies. Could we eliminate the need for a gate guard outside of your organization's premises? Indeed, with today's technology, we could leverage biometric face scans to ensure that the person is who they say they are before entering.
However, this would bring up the concern of data privacy and the requirements levied on the organization to protect Personally Identifiable Information (PII) from misuse. Also, reliable biometric devices could have a significant cost associated with procurement and maintenance. And who's to say that there isn't a hack that allows you to bypass a biometric scan?
All these things and more would need to be considered before implementing some automated solution for identifying personnel before granting them entrance to the facility or a secured area.
Gates, guards, and guns are a perfect segue into the second issue that we identified: the business's risk tolerance.
We must not forget that some businesses and organizations process, store, and transmit sensitive information. As a result, the fiduciary responsibility is relatively high, and the consequences for failing to meet those responsibilities are commensurate!
As a result, many business leaders would opt to maintain a human guard to confirm and/or challenge the entry of unauthorized persons.
Why?
Because in every process, there are always exceptions. Computers cannot adjust on the fly in their current state without being programmed to understand every state. If the state is unknown, the computer will almost certainly move to a manual process that requires the interaction of a human being.
There is artificial intelligence, but that is a topic for another day!
Leadership will almost always use a physical guard to ensure that someone can be held accountable for the breakdown in security, irrespective of the badge reader! It will limit their risk significantly and allow them to communicate with a human being in the case of a security incident, not a biometric scanner thingamajig!
Is there nothing in Cybersecurity that can be automated?
Yes, some things can and should be automated within the cybersecurity domain. For instance:
- Vulnerability Scans [ Network / Software ]
- Log Capture
- Policy violation reporting [ for example, privilege escalations ]
- Security Key Performance Data Reporting
- Account Provisioning / De-provisioning
The list could grow, but I'm sure you get the gist. Because most of these processes are pretty repeatable, exceptions can be predicted within a reasonable tolerance, and technologies for deploying the solutions are mature, they present themselves as candidates for automation.
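To make the "policy violation reporting" item concrete, here is an added example (not part of the original post) that classifies privilege-escalation log lines and hands any line it does not recognize to a human instead of guessing. The log format, account names and the `APPROVED` policy are constructed assumptions for illustration.

```python
import re

# Constructed sample log lines in a simplified, hypothetical sudo-like format.
SAMPLE_LOG = """\
2024-05-01T09:12:03 host1 sudo: alice : USER=root ; COMMAND=/usr/bin/systemctl restart nginx
2024-05-01T09:15:40 host1 sudo: bob : USER=root ; COMMAND=/bin/bash
2024-05-01T09:20:11 host2 sudo: carol : user NOT in sudoers ; COMMAND=/usr/bin/cat /etc/shadow
2024-05-01T09:22:57 host2 su: session opened for user root by dave
""".splitlines()

# Hypothetical policy: which accounts may run which binaries as root.
APPROVED = {"alice": {"/usr/bin/systemctl"}}

SUDO_OK = re.compile(r"sudo: (?P<user>\S+) : USER=root ; COMMAND=(?P<cmd>\S+)")
SUDO_DENIED = re.compile(r"sudo: (?P<user>\S+) : user NOT in sudoers")

def classify(line):
    """Return (verdict, user); verdict is 'ok', 'violation' or 'manual_review'."""
    m = SUDO_DENIED.search(line)
    if m:
        # Predictable exception: an account outside sudoers tried to escalate.
        return "violation", m["user"]
    m = SUDO_OK.search(line)
    if m:
        allowed = m["cmd"] in APPROVED.get(m["user"], set())
        return ("ok" if allowed else "violation"), m["user"]
    # Unknown state: the automation stops here and a human analyst decides.
    return "manual_review", None

def report(lines):
    """Group log lines by verdict so violations and unknowns can be reported."""
    out = {"ok": [], "violation": [], "manual_review": []}
    for line in lines:
        verdict, _ = classify(line)
        out[verdict].append(line)
    return out

if __name__ == "__main__":
    for verdict, lines in report(SAMPLE_LOG).items():
        print(f"{verdict}: {len(lines)}")
        for line in lines:
            print("   ", line)
```

The `su` line falls outside both patterns, so it lands in `manual_review`: the repeatable cases are automated and the exception still reaches a person.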
Conclusion
Processes and technology are conducive to automation. However, people are highly unpredictable, and to automate a process, it must be predictable and repeatable. Many strides are ongoing to develop solutions focused on understanding and predicting human behavior, but we must remember that these solutions will add another layer of complexity to an already complex problem.
In a search for ease of use, never forget your ultimate goal: to provide security solutions that manage and/or eliminate risk from your enterprise.
I would love to hear your thoughts on this topic. Please leave them in the comment section. And until next time, please remember to deliver security while keeping business FIRST!