Why automation in data protection?
Data protection is the next frontier. I realize that is a pretty bold statement and also have a feeling I know what you are thinking — the concept of data protection is not new! Couldn’t agree more and in fact, I have spent the past 20 years building two companies on the foundation of data protection. However, if you look at the evolution of overall cyber security over the last 20 years it hasn’t been all about the data — it actually looks a little something like this:
It started with protecting the perimeter with the advancement of firewalls and intrusion detection/protection systems (IDS/IPS). Next, security information and event management (SIEM) and log management entered the arena, focusing on bits and bytes. After the SIEM evolution, we witnessed the rapid adoption and money spent on threat management and malware, and then identity and access management (IAM). Throughout the entire cyber security evolution, data protection was lurking nearby, but never brought to the forefront as a strategic program.
For the past 20 years we have been throwing little knives at the topic – first with data loss prevention (DLP) technology and now with the cloud and encryption technologies. The problem hasn’t gone away, but instead it has intensified with the exponential creation of data. Whether it’s a web or email security gateway, DLP, cloud access security broker (CASB), or encryption — these tools are still generally siloed, and require human-intensive, manual interaction.
Automation dollars have been spent on every cycle of the cyber security evolution, which is why we are going to focus on automation for data protection in this blog.
What is automation for data protection?
After 20 years of throwing more people at the data protection challenge, we asked ourselves – how can we do it different and better at Cloudrise? We can automate. If organizations are going to put the money into multi-year digital transformation projects, it’s time to do the same with data protection.
So, the question really is…what is automation for data protection? At its most basic level, it is writing scripts to address business use cases and automate manual processes.
To do it effectively, you need to start with action-oriented automation strategy, and when I say strategy, I don’t mean a 75-slide PowerPoint presentation of what the ideal governance model looks like. You know this already, but to devise a strategy you need to start with an assessment of your current environment. What are your objectives for protecting your organization’s data? Those objectives have to be based on risk, which you probably already have a pretty good idea about and if not, we could help with that.
Where the real thought needs to be is applying the same concepts of digital transformation into data protection. What I mean by that is, think about…
- How many steps or clicks of a button does it take for an analyst to create a DLP policy, implement it, monitor it, and monitor the effects of it? Where does it get triaged? Is it something that goes to the SOC? Is that something that goes to the business?
- What manual tasks are being performed every hour, day, or week and who is performing those tasks?
- What is the level of effort and process involved in consolidating data across multiple disparate platforms and rolling up to an executive leadership reporting dashboard?
That scope needs to be defined and use cases need to be developed. Then, and only then, can you devise a strategy and determine what human-intensive tasks can be replaced and optimized through automation.
Let’s face it, data protection programs are very expensive, which is why so many organizations have outsourced over the years. Instead of spending the money on less-expensive talent that does not know the ins-and-outs of your business, consider transferring those expenses to automation, with the goal of reducing expenses over time.
Demystifying the automation process
In order to create automation around data protection you need different skill sets, and chances are you either have them inside your organization or you can partner with someone to assist. Even the largest of organizations may not be able to warrant the need for a full-time team to build data protection automation scripts, and to be candid, that’s not necessary.
The question is, if you DO have Golang or Python scripting talent somewhere in the organization, are you able to dip into those resources to assist with your automation project? Are they available beyond the initial development of the scripts to implement and manage?
If not, the other option is to partner with a company like Cloudrise. We bring our own in-house, US-based analysts and developers to the table with our customers. They are an integral part of understanding the business challenges and capturing the detailed requirements. They want to understand — how many clicks of a button does it take for an analyst to create a DLP policy, implement it, monitor it, and monitor the effects of it? Where does it get triaged? Is it something that goes to the SOC? Is that something that goes to the business, etc.? During the entire conversation, the team is asking themselves…does automation make sense for this use case?
Whether you want to call this rapid process automation, robotics, super automation — at the end of the day, what you’re doing is making a conscious decision that someone is going to write code. That code is going to address the requirements and yes, there is an up-front cost. You are going to have to house that code, monitor that code, if the code breaks for some reason you’re going to have to apply a fix to the code, and then you’re going to use analytics to determine how to continuously optimize that code.
That sounds like a lot, but in today’s environment it really isn’t. Once the requirements are captured, we can write the code and then hand it over to your team to manage, OR we can manage the entire lifecycle – continuously improving the automation. Our developers look for patterns across tools, use cases, and business challenges and are constantly honing their scripts. We have been in business for a year and with our first 30 customers, we constantly look for repetitive processes and determine ways to automate.
What’s nice about the scripts we write is they are standards-based, and at any point in time you can tell us you are ready to take the automation in house!
The future of data protection
Today, businesses are powered by data and the exponential growth of that data increases cyber risk exposure. In my opinion, you can look into the future through one of two lenses: You can take the approach of continuing to install new tools and outsource talent, or, you could put your pioneering hat on.
That’s what we’re trying to do at Cloudrise. We believe that the cost of building and maintaining automation will be far less than not taking a chance on it. Some of our customers have already realized a cost savings, which we have shared in a couple of our Case Studies. Our philosophy is, let’s invest in human capital to work on really innovative strategies and tactics to reduce data risk. By introducing automation, we can let those people dig into the business and understand where the real risk reduction areas are. If we do that, I think we’ll be in a good spot.
By Rob Eggebrecht