Almost a decade ago, as organizations struggled to deliver projects and applications that met company-wide expectations and added business value, the DevOps movement—which combined software development with systems operations—was born.
In its early stages, DevOps was a term related mostly to company culture: By encouraging collaboration between employees in both the development and operations departments, organizations were better able to remove any obstacles that might keep a project from functioning and performing as intended. Recently, however, the term has grown to also describe a specific role within an organization: the individual who boasts the necessary skills to do both development (coding) and operations work.
The current cybersecurity threat landscape
As the cybersecurity threat landscape grows more perilous and SOCs face thousands of security alerts every day, making it difficult for them to do their jobs effectively, what we need now is a shift in information security similar to the one that gave rise to DevOps: a merging of development and information security culture and personnel that eventually gives way to a new kind of professional well-versed in both development and threat resolution.
One way organizations can begin to develop these multi-faceted employees is by on-boarding new hires who possess coding expertise and giving them an in-house information security education. Of course, considering the growing number of alerts enterprises receive each day, managers struggle to find time to provide that internal security education. In many cases, seasoned IT security professionals also lack the skills required to craft complex queries, parse data and enable the multidirectional flow of data from one system to another, which is why they need to hire developers in the first place. While it may not be a silver bullet, security orchestration can help solve all of these problems.
Advanced capabilities of automated security orchestration
Security orchestration automatically enables complex interaction with various systems without requiring the traditional deep technical understanding of every solution. That functionality allows senior team members to model complex capabilities that can be leveraged by all members of the team. This is extremely valuable to an organization, as it equips junior and new staff with sophisticated capabilities and institutional knowledge that would otherwise take months or even years to develop. Additional workflows provide recommended courses of action to team members when and if manual intervention is necessary, helping them gain practical security experience to combine with the development prowess they already possess.
As these developers become empowered with information security knowledge, they can begin to help enterprises build a more robust defense against cybersecurity threats through integration and data sharing.
In other words, it will be this new generation of professionals that will be best prepared to meet the formidable security challenges of the future.