Finding security zen

When you’re focused on the small things, it’s easy to miss the big ones. Automation can help you rebalance

Imagine if every time you sneezed, stubbed a toe or had a slight itch, you reacted in the same way as if you had broken your arm, rushing to the doctor and raising the alarm. Aside from annoying your GP, you would also be wasting money and making it harder for anyone to realise when something is actually seriously wrong.

Thankfully, for the most part, we ignore these minor things, with our own immune system springing into action. This isn't just more convenient, it's also more cost effective and means that when something really has gone wrong, everyone can act appropriately and quickly. 

In many ways, this is what information security in businesses should be like, with IT professionals focusing on preventing bigger (and, indeed, real) threats, while the more routine monitoring and resolution is automated. 

Getting to know what's normal 

One of the most important things when it comes to monitoring the security of a company's systems is knowing what normal looks like. As each business is different, even if they are direct competitors operating in the same field, this baseline will vary from organisation to organisation. What's more, even within the same business, systems can look different from day to day: the number of connections being made to corporate systems and data being accessed or transferred on a Saturday evening will look markedly different to a Monday morning.

But getting to know these patterns of normal behaviour isn't easy and a human could easily miss a small blip that's the first indicator of something more serious on the horizon, or take it to be an emergency when it's a harmless anomaly. 

What's more, it's time-consuming, tedious and inefficient for organisations to pay an IT professional to monitor systems for signs of security breaches or breach attempts, not to mention impractical to have a person monitoring all day, every day. 

Much like the immune system is the body's automated monitoring and defence system, risk intelligence delivered through security information and event management (SIEM) tools can establish what's normal, monitor system operation 24/7, and raise the alarm when something is wrong - all without human intervention.  

Increasing business value 

Security monitoring automation tools do more than just improve efficiency and reduce tedium, however; they also improve the value of IT staff to the business.

Instead of focusing on whether all systems are functioning as normal and there is no suspicious behaviour going on, IT departments can instead focus on more strategic security initiatives. This could include developing and enforcing security rules and procedures, acting in an advisory capacity for new security investments, and preparing for and responding to large-scale attacks, such as a sustained DDoS or APT, should such an event be detected by the SIEM risk intelligence system. 

In most organisations, the IT professionals who deal with security are, in the main, not full-time IT security staff, so they are also given more time to attend to the other parts of their jobs. 

There when you need it 

The mantra that it's not a case of if a company will suffer a breach, but when, still holds true and this is as important a part of risk intelligence as the day-to-day automated monitoring. SIEM tools provide an early warning system, yes, and they do allow businesses to deal with a potential data-loss situation as quickly and efficiently as possible. But, equally importantly, they provide an audit trail. 

This is vital for audit purposes, but it also gives IT departments the ability to easily determine where, when and how the compromise happened, and work out how to prevent it happening again.

So when investing in risk intelligence and security monitoring automation systems, the question is not really can you afford it, but can you afford not to? 

This is an independent article written by IT Pro, sponsored by SolarWinds MSP to celebrate thought leadership in IT.
