June 14, 2023
Dean Flores
Principal, Risk Advisory Services Leader
Atlanta, GA

Boost Your Cyber Compliance with Automation
Protecting your enterprise may seem like an impossible task, with current statistics stating that there are over 2,200 cyberattacks in a single day – averaging one attack every 39 seconds.[1] The reality is that there are too many threats and threat actors to avoid a compromise entirely, and a so-called “assumed state of compromise” describes how organizations should approach cybersecurity more accurately now than ever.
Why is cyber such a challenge for most organizations?
For starters, humans are not inherently well-skilled at security due to thinking in the short term rather than valuing long-term risks (e.g., technology debt, application modernization and overall bad information technology (IT) hygiene). Only a handful of organizations have allocated the appropriate capital, organizational support and management commitment to adequately take on enterprise cyber risk.
So, what can most organizations do in the face of such overwhelming odds? While there is no silver bullet for cyberattacks, nor can you manage all cyber risk outside of the organization, there are proactive steps that a Chief Information Security Officer (CISO), Chief Risk Officer (CRO) or executive management can take to improve your cyber posture.
Is the problem too big?
One of the crucial first steps in addressing your cybersecurity posture and defenses is defining your risk tolerance while limiting exposure and attack vectors via automation, thereby reducing the opportunity for human error as much as possible. This can be challenging for many reasons – namely, it will require a shift in how infrastructure, applications and data are delivered and managed across the organization.
While external breaches may garner the most attention from headlines in the news, the reality is that the biggest risks can originate from internal threats. While some of those internal threats are malicious in intent, such as financial fraud, most are human errors across stretched IT resources, end users being allowed to execute functions to which they should not have access and misconfiguration of technology. Technology debt, or the cost of maintaining outdated systems rather than investing in better solutions, and poor IT hygiene play a significant role as well.
If you ask many IT professionals about their biggest challenge, they will likely say that it is the velocity of change and the change management it requires. The comfort of on-premises data centers has given way to the ultimate hybrid environment of on-premises, multi-cloud and edge computing. New architecture models such as containers and serverless environments have only added to the complexity. Keeping up with how to architect, operate and support the environment is a 24/7 job – adding the multi-dimensional view of cyber risk on top of that has only added stress to the system. The regulated nature of using data globally makes matters more complex still.
Where to Start for Cyber Automation
Automation continues to become an essential piece of an organization’s cybersecurity protocol. Maintaining a secure and compliant environment through manual operations is no longer feasible. While the use of automated tooling is not a panacea, for many organizations it is a lifeline that they cannot afford to ignore.
Taking a step back can help you identify the tasks that are prime for cyber automation, such as:
- Configuration Management – set the stage, then automate
- Package Management – patching, hardening, provisioning, IT service management (ITSM)
- Workflows – turn processes into code as much as possible
- Cyber hygiene – vulnerability identification, cyber governance, policy and standards compliance, continuous integration/continuous deployment (CI/CD) pipelines, end of life compliance (EOLC)
There are tremendous opportunities across just the aforementioned tasks to automate. So, where do we start?
- Work iteratively – recognize, measure and celebrate efforts along the way.
  - More specifically, implement a CI/CD model. As you automate each step of the CI pipeline, you can also automate the creation of compliance audit documentation in each step as well. This will free up those valuable engineering resources to focus on the roles they were hired to do.
- Ensure everything is repeatable/reproducible.
  - Reduce any one-off tasks as much as possible. Ensure all steps and tasks are verifiable and auditable, and eliminate key-person risk as much as possible.
- Celebrate the knowledge.
  - As metrics solidify demonstrating the value of automation, communicate that message across the organization. Also, acknowledge the lessons learned (via failures) from building the machinery that supports automation. For some, this will have already led to DevSecOps models, but for many, this is the first step in the transformation journey.
- Culture carriers.
  - Change is daunting, and automation introduces a series of substantial changes in how organizations work, measure, report and evaluate. Understanding the cultural and human-factor impact is one of the key criteria for success.
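As an added illustration of the CI/CD point above (not code from the article or from Windham Brannon), the following Python sketch shows one pipeline step that checks a configuration against a small policy set, writes an audit record as it runs, and gates the stage on the result. The configuration snapshot and the rule identifiers are constructed for the example; the input hash is computed over the configuration alone so that re-running the step on the same input reproduces the same evidence.

```python
"""Added example: a CI/CD compliance-check step that emits its own audit record."""
import hashlib
import json
from datetime import datetime, timezone

# Constructed sample configuration, as a pipeline step would load it from a file.
SAMPLE_CONFIG = {
    "ssh_password_auth": False,
    "tls_min_version": "1.2",
    "patch_age_days": 45,
    "root_login": True,
}

def _version(s):
    return tuple(int(x) for x in s.split("."))

# Policy rules: (assumed rule id, description, predicate over the config).
RULES = [
    ("SSH-01", "password authentication disabled", lambda c: c["ssh_password_auth"] is False),
    ("TLS-01", "TLS 1.2 or newer required", lambda c: _version(c["tls_min_version"]) >= (1, 2)),
    ("PATCH-01", "patches no older than 30 days", lambda c: c["patch_age_days"] <= 30),
    ("ROOT-01", "direct root login disabled", lambda c: c["root_login"] is False),
]

def evaluate(config):
    """Run every rule and return one finding per rule for the audit record."""
    return [{"id": rid, "check": desc, "passed": bool(pred(config))}
            for rid, desc, pred in RULES]

def audit_record(config, findings, pipeline_stage, run_time):
    """Build the audit artifact for this step. The hash covers only the input
    configuration, so a reviewer re-running the step can verify the evidence."""
    evidence = json.dumps(config, sort_keys=True).encode()
    return {
        "stage": pipeline_stage,
        "timestamp": run_time,
        "input_sha256": hashlib.sha256(evidence).hexdigest(),
        "findings": findings,
        "result": "PASS" if all(f["passed"] for f in findings) else "FAIL",
    }

def gate(record):
    """Pipeline gate: only a record with no failed checks lets the stage proceed."""
    return record["result"] == "PASS"

if __name__ == "__main__":
    now = datetime.now(timezone.utc).isoformat()
    rec = audit_record(SAMPLE_CONFIG, evaluate(SAMPLE_CONFIG), "hardening-check", now)
    print(json.dumps(rec, indent=2))  # the record is the step's compliance evidence
    raise SystemExit(0 if gate(rec) else 1)
```

In a real pipeline the printed record would be stored as a build artifact alongside the stage log, giving auditors the per-step documentation the article describes.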
Where do we go from here?
As organizations understand the benefits of automation, a natural increase in demand will occur beyond security, compliance and IT management. Baby steps are key when starting out, and the more comfortable your organization becomes with automation, the greater the benefits will be. Windham Brannon’s cybersecurity practice is well-versed in helping organizations prepare and deploy a cybersecurity program that holistically addresses their risks. For more information, reach out to your Windham Brannon advisor today.
[1] Fox, Jacob. "Cybersecurity Statistics for 2023." Cobalt, Dec. 27, 2022.
