According to the results of a global survey conducted by Osterman Research, Understanding Security Processes and the Need to Automate; APAC is ahead of the U.S. and EMEA in terms of automation for processes involved in the management of firewall rules and security policy. The survey, which includes responses from 465 senior security leaders at large enterprises in the U.S., EMEA and APAC, reveals trends in the use of security automation, as well as artificial intelligence (AI) and machine learning (ML). Survey questions focused on workflows in firewall and security policy management and vulnerability management.
APAC is substantially ahead in using AI/ML in production as compared to USA and EMEA where the rate of adoption is still in early days, with few organizations using AI/ML in production — just four percent of respondents in EMEA, nine percent in the U.S.“Many organizations have significant deficiencies with regard to their firewall and security management,” said Michael Osterman, Principal Analyst of Osterman Research. “Most realize that they need to improve the way they manage security and policy, and they also realize that automating workflows and processes is key to these improvements.”
A few interesting trends from the survey:
· Cost is critical but not for APAC, only 35 percent in APAC ranked costs as the key driver for automation. They instead ranked the difficulty of managing the size and complexity of their network as the primary reason (43 percent), as well as being able to move skilled staff off mundane activities to higher value/skill security tasks (40 percent).
· Better visibility and context are still one of the key concerns when it comes to APAC. Organizations are still deficient in understanding network context and having visibility of firewall and security policy, including why firewall rules exist. 47 percent in APAC said they had only “minimal or some understanding.” 39 percent in APAC said they have only minimal or some understanding of how security changes impact their business: And it appears that identifying vulnerabilities continues to be a challenge, with 42 percent in APAC having only minimal or some understanding of what vulnerabilities exist on network devices.
· Security staff are bogged down with incident response processes, compliance management and making changes to the security infrastructure. Compliance management and security changes were noted as the top time takers for APAC.
· Security teams need help, with most organizations admitting they need to make major improvements in how they manage security and policy. The biggest improvements are needed in how organizations decommission applications: 54 percent in APAC say they do it “poorly or moderately.” Ironically, these are areas where automation can make a huge impact.
· Automation is an impetus for cloud migration. It’s no surprise that for many companies, migration to thecloud is having a significant impact on the automation of security policy changes. This is most notable in APAC where 43 percent of organizations said cloud is impacting the automation of security policy changes. Survey results also show that the clear majority of organizations are working on initiatives focused on security automation to support cloud environments.
While the journey to understand the key drivers for Security Automation continues, the good news is that security leaders have started on their automation journey. “Security leaders are facing a tough time balancing organization risk and value from automating. Though there are many areas, where it is essential to implement automation — and, in fact, where automation reduces risk. For example, collecting/gathering data for attack surface visibility and modeling, network change management and rule life cycle management. Networks are simply becoming too large and complex to manage manually,” said Gerard Sillars, VP-APAC, Skybox Security. If you’re not already working with a vendor in these areas, you should start looking for one.