How to automate incident response effectively

“The risk with automation is that you may start missing things.”

Greg van der Gaast, Head of Information Security at the University of Salford  talks to Jeremy Swinfen Green about how to avoid the risks of automating cyber security.

Greg van der Gaast will be speaking at the teissR3 | Resilience, Response and Recovery summit taking place online, 15 – 24 September.

This year, the very popular teissR3 event focuses on how to improve your organisation’s cyber resiliency and adopt best-practice in incident response and crisis management in a post-COVID-19 world. Space is limited. Register your free place by clicking here.

Video transcript

How effective is it to automate incident response? What are the risks with this sort of approach and how can they be mitigated?

I think it’s an interesting point. I think there’s a sweet spot to it, because automation is obviously good. You don’t want people to be doing tedious, repetitive tasks all the time. It’s bad for resource, it’s bad for morale, there’s little value to it. You should have your people do better things than that.

I think the risk with automation is, you may start missing things, and that’s where I think it’s very important to just keep thinking. Even if you’ve automated something, whatever it is you’ve automated, keep it in mind, and think, what might we be missing? And always remember what you have, in terms of automation. I think a lot of people with automation is people automate something, then forget about it.

You have to keep it into consideration. You have to keep thinking about how you think you’ll interact with that, and that will usually allow you to improve your automation and make you also realise things that maybe you should revisit or maybe things that you shouldn’t automate. So I think it’s very important to just keep thinking about– keep in mind what you’ve kept automating. Just so that things don’t start falling through the cracks or your silo you’re thinking away from what you think has been dealt with, because security is always unpredictable.

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”” /]