SANS, the most trusted and by far the largest source for information security trainings and security certifications, has recently released the latest results of 2020 SANS Automation and Integration Survey Report, sponsored by SIRP.
The 2019 Automation and Integration Survey provided an overview of where organisations are in their automation/integration journey while this extension takes a deeper analysis into where organisations are focusing their automation efforts in core areas of cyber security, quantifying automation initiatives and more concretely explain how organisations are able to maximise their security investment while improving operations through streamlining efforts. In 2020, SANS wanted to get more detail about where organisations are focusing.
The survey conducted by SANS took responses from 520 respondents including security operations and incident response professionals to answer the questions and create a clear picture of the current state of automation, and where it is headed in the near future. Respondents were asked to quantify their successes more concretely in this year’s survey. The survey report includes all results and the chance to learn more about:
As the day-to-day practice of security operations matures, senior management starts asking security teams to demonstrate that their budget and activities improve the organisation’s security posture. Metrics are an essential tool for security pros to understand and demonstrate how their systems and processes support the business— well-designed metrics support data-driven decisions.
There is clear progress being made in automation and integration, organisations are investing in these projects, with increased budget to support them. They are giving a higher degree of priority and attention to projects that make staff, security operations and incident response work more effectively and smoothly.
"It's been said many times that people are the most valuable asset to an organisation," says SANS analyst and security operations expert Don Murdoch. "The 2020 A&I survey results show that organisations are making strategic investments that will improve day-to-day operations in order to maximise staff, support staff working smarter, and improve both security operations and incident response. Automation is expected to bolster all around improvements for both people and processes in most cases, not used as a method to reduce head count."
These results without a doubt indicate that SOAR is bound to position itself as a mandatory technology in the battle against sophisticated cyber threats, and the good news is more and more clients are becoming aware of that. Having said that, our Risk-Based Security Orchestration And Automation Platform, SIRP fuses essential cybersecurity information to enable a unified cyber response. Through a single integrated platform, it drives security visibility, so decisions can be better prioritised and response time is dramatically reduced.