Artificial Intelligence & Machine Learning , Black Hat , Breach Notification
Unveiling Security Automation: Perception vs. Reality
Swimlane Co-Founder Cody Cornell on Future-Proofing SecOps With AutomationThe C-suite and boards are more involved in cybersecurity decisions than ever before, but executive leaders still have a huge disconnect between perceptions and operational realities. This gap leads to miscommunication and missed expectations that could pose great risks to the enterprise, said Cody Cornell, co-founder and chief strategy officer with Swimlane.
Swimlane's 2023 Cyber Threat Readiness Report found that 70% of executives think all security alerts are being managed - starkly contrasting the 36% of front-line employees who say alerts are being addressed.
"The hard thing about working in security ops is you have to be right all the time - unlike an attacker who has to be right once at a moment in time," Cornell said. "As an offensive team, you have to be right all the time. If you have this known gap of things being left unchecked, unresolved, unmitigated, then you have risk exposure."
While enterprises have embraced automation, it's often not embedded as a core competency. Automation is a journey, and it involves a maturation process. Organizations should evolve their automation capabilities through systematic adoption of frameworks, he said.
In this video interview with Information Security Media Group at Black Hat USA 2023, Cornell also discussed:
- Key highlights from the 2023 Cyber Threat Readiness Report;
- The challenges of perception mismatch in managing security alerts;
- How Swimlane's ARMOR Assessment helps security leaders identify security gaps.
Cornell is responsible for the strategic direction and development of Swimlane's security automation and orchestration solution. His focus on the open exchange of expertise allows him to work closely with industry-leading technology vendors and partners to identify opportunities, streamline and automate security operations activities that speed cyber response and enable security automation initiatives.