Organisations all over the world are using automation to handle vulnerabilities, but they're not using the technology in all areas where they could, and that's a problem.
The results were posted in a new report by Skybox, entitled 2016 Trends Report: Analyzing the Attack Surface. It surveyed 275 IT professionals at enterprises and government agencies that have more than 500 employees. It says that organisations use automation to find and prioritise vulnerabilities in their networks, but are least automated when it comes to data gathering related to cloud-based systems, and when it comes to remediating firewall rules violating policies and regulations.
The report gives an example: 92 per cent automate server vulnerabilities detection, but just 54 per cent automate security controls assessment on cloud-based systems.
“The lack of an automated approach among so many organizations is alarming, especially when you consider that the industry is experiencing a severe shortage of security professionals,” said Skybox Director of Product Marketing, Kevin Flynn.
“And in the very near future, regulations will become more burdensome — and the consequences of not meeting those regulations more painful — so organizations should really be investigating tools that automate configuration, vulnerability and policy management.”
Most organisations automate patch pushing processes, but some (between 44 and 53 per cent) do pretty much everything else manually. That includes fixing server and network device misconfigurations, systems and data rules and firewall policies. The full report can be found on this link.
Image source: Shutterstock/Vasin Lee