As any MSP that manages cybersecurity for its clients knows, keeping up with today’s threat landscape is no easy task. But it can be considerably more manageable when providers embrace a proactive security approach buoyed by automation.
A recent Omdia report argues that automating security tasks, such as attack surface management, is essential to adopting a proactive approach. Over the past year, 70% of “security decision makers” polled by the research firm have increased spending on proactive security solutions. Those expenditures “clearly outpacing spending on preventative and reactive solutions.”
That trend will continue, the report says. A third of companies with “a high level of security maturity” plan to increase proactive security spending by at least 15%. But the report cautions: “Proactive security solutions will not deliver their full potential without strong security automation capabilities.”
Paco Lebron
MSPs, too, are investing in security automation as they try to keep up with the threat landscape. ProdigyTeks is one of them. The company already has automated most of its security tasks, said founder and CEO Paco Lebron. “Currently 75% of our cybersecurity offering is automated while 40% of non-security-related services are still in the process of automating.”
Cybersecurity teams have automated some of tasks for years, leveraging AI to sift through massive amounts of data. But automation can go even further by automating individual tasks. Examples include threat detection, anti-phishing capabilities, threat hunting, vulnerability scanning, and even some incident response.
ProdigyTeks has automated Microsoft 365 security for the purposes of monitoring, mitigation, reporting and alerts, Lebron said. The MSP also has automated endpoint security, tying its systems to Microsoft’s identify management solution Entra ID and Windows Defender antivirus. Those solutions are linked to a Managed Detection Response platform that monitors and automatically isolates systems when they are compromised.
Automation makes the work “amazingly fast,” Lebron said. “It avoids the human error and allows for standardization at a scalable level.”
Accuracy and Speed
For MSPs, any opportunity to automate security tasks is welcome. The managed services model thrives on simplifying business processes with technology. That’s especially useful in a challenging area such as cybersecurity.
MSPs and cybersecurity teams always struggle to fill vacancies. Security certifications provider ISC2 estimates that currently there is a skills gap of 4.8 million cybersecurity professionals. The persistent skills shortage adds to the challenge of keeping up with cyber threats to update cyber defenses as needed.
“The only way to move faster than the threat actors is to automate,” said Peter Nicoletti, field CISO for security vendor Check Point Software Technologies. “Initial breach to data exfiltration time has gone from weeks to seconds and humans are not fast enough to react.”
Peter Nicoletti
Check Point offers a number of automated tools that MSPs and small businesses can leverage to improve security. That includes an email threat prevention and a data loss prevention (DLP) tool that steers users away from sharing sensitive data.
Automating security, Nicoletti said, helps MSPs reduce personnel costs. It enables MSPs to reassign employees from manual tasks to work that expands market share and improves margins. Automation also makes staff members far more efficient.
“A Tier 1 engineer gains a tremendous skill boost when they can have a conversation with a generative AI model trained on all the admin and user guides for a specific product. They can ask the same questions they would to a more senior engineer with decades of experience,” he said.
Automation, be it in security or other operational areas, is key to ProdigyTeks’ growth strategy, even though not everything can be automated, said Lebron. “There will always be parts that required human intervention, but we will get very close in the future.”
Next Steps for MSPs
To embrace an automated approach to cybersecurity, MSPs should:
- Evaluate Current Security Posture
- Assess your existing cybersecurity processes and tools to identify tasks that can be automated.
- Invest in Automation Tools
- Explore and implement security automation solutions that align with your operational needs, including AI-driven platforms for threat detection, phishing prevention, and endpoint protection.
- Integrate Automation with Existing Systems
- Tie automation tools into your current infrastructure. That includes linking endpoint security to identity management and MDR platforms.
- Leverage Generative AI for Efficiency
- Utilize generative AI to enable staff to efficiently handle administrative tasks, improve threat analysis, and reduce reliance on manual processes.
- Train and Upskill Staff
- Provide training for your team to effectively use automated tools, ensuring they understand how to manage and optimize these technologies for maximum impact.
- Develop a Proactive Security Strategy
- Shift from reactive to proactive cybersecurity by automating attack surface management, incident simulation, and risk prioritization.
- Monitor and Optimize
- Continuously monitor the effectiveness of your automated tools and refine processes as needed to stay ahead of evolving threats.
- Collaborate with Vendors
- Partner with security vendors offering robust automation capabilities and stay updated on advancements in automated security technologies.
Images: iStock
