Security automation gains traction, prompting a "shift everywhere" philosophy

This year's findings revealed a clear trend of firms increasingly taking advantage of security automation to replace manual, subject matter expert-driven security activities to reduce cost and improve effectiveness.
Organizations embrace advanced automation strategies.
Greater automation has enabled organizations to embrace the shift everywhere philosophy, with automated, event-driven security testing increasing by 200% over the last two years.
Shift everywhere is a philosophy about the security testing and sensors that generate information for all stakeholders in the company, it's not rooted in increasing the security spend or effort.
Accordingly, shift everywhere is not adding more security for security's sake, instead, it's ensuring that every security stakeholder can knowledgably make risk management decisions.
As part of their mitigation tactics, many organizations are maturing their automation to go beyond defect discovery, expanding their scope to minimize the risk introduced by supply chains, taking a holistic approach to securing their applications and products, and leveraging capabilities that make security possible under these evolving conditions.
They're also increasingly adding AI into their ecosystems, which can increase productivity but also introduces new attack surfaces and risk.
Automation has led to a 68% growth in mandatory code review in the last five years.
Recent economic conditions have caused a reduction in expensive, subject matter expert-driven activities that are not easy to automate.
Centralized defect reporting and attack lists all decreased in usage by more than 17%. Organizations are embracing modern toolchain technology that allows security testing in the Quality Assurance stage to be automated - leading to a 10% growth in several related security activities.
Firms expect more from service providers and partners.
The report also found that customers have made valuable strides in improving the culture of security at their organizations.
Firms with security champion programs made up of developers, QA analysts, or architects in a security-enabler role, earned an average 25% higher Building Security In Maturity Model score than firms without one.
Firms are also demanding more from service providers and partners.
Expectations for strong vendor security practices grew by 21% as firms held vendors to standards similar to those they use internally.
Customers also reported that security processes made impressive progress adhering to industry best practices.
Organizations are increasingly building Software Bills of Materials, with a 22% increase in SBOM creation from last year.
Identifying and controlling open source risk increased by just under 10% from last year.
Not all trends are positive, and many companies have seen reduced security budgets.
Activities that rely on experts to perform manual tasks have seen declines as security teams seek to maximize their return on investment by focusing on automation.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Mon, 11 Dec 2023 04:43:05 +0000


Cyber News related to Security automation gains traction, prompting a "shift everywhere" philosophy

Security automation gains traction, prompting a "shift everywhere" philosophy - This year's findings revealed a clear trend of firms increasingly taking advantage of security automation to replace manual, subject matter expert-driven security activities to reduce cost and improve effectiveness. Organizations embrace advanced ...
10 months ago Helpnetsecurity.com
How to Get Started With Security Automation: Consider the Top Use Cases Within Your Industry - As the cybersecurity industry has matured, so has the approach security teams take to making decisions about investing in security tools. Instead of focusing on the latest product or technology, security professionals are focused on use cases such as ...
9 months ago Securityweek.com
Energy-Efficient Home Automation: Saving the Planet and Your Wallet - Home automation solutions offer an array of benefits, from improved convenience to decreased energy bills. This article will explore the types of home automation systems available, as well as their cost and potential for energy efficiency. The ...
10 months ago Securityzap.com
AI and Automation - In recent years, developments in artificial intelligence and automation technology have drastically reshaped application security. On one hand, the progress in AI and automation has strengthened security mechanisms, reduced reaction times, and ...
10 months ago Feeds.dzone.com
Home Automation for All: Enabling Independence - As technology advances, home automation provides a sense of empowerment for elderly and disabled individuals. Home automation for the elderly and disabled reduces dependence on others and promotes independence in the home environment. Home automation ...
10 months ago Securityzap.com
Understanding zero-trust design philosophy and principles - In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. ...
9 months ago Helpnetsecurity.com
Assess security posture with the Cloud Security Maturity Model - One aspect of enterprise IT that organizations want to be mature is security. To address this challenge, IANS and Securosis developed the Cloud Security Maturity Model, a framework to help CISOs set their cloud security goals through asset ...
11 months ago Techtarget.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
10 months ago Feeds.dzone.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com
Why Automation and Consolidation are Key to Restoring Confidence in Cybersecurity - Our research shows that security leaders would need to find a 40% budget increase to restore confidence in their security posture. It's unsurprising that a lack of security skills and budget - both for training as well as general cybersecurity - are ...
10 months ago Securityboulevard.com
Best practices for secure network automation workflows - Automation plays a critical role in modern networks. It helps network engineers manage networks with fewer repetitive manual tasks for greater agility. Network engineers cannot automate - or secure - what they don't understand. Understanding network ...
10 months ago Techtarget.com
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
New Synopsys Report Reveals Application Security Automation Soars - Today, Synopsys released BSIMM14, the latest iteration of its annual Building Security In Maturity Model report. This comprehensive analysis delves into the software security practices of 130 organisations, encompassing leading companies across ...
11 months ago Itsecurityguru.org
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
11 months ago Microsoft.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)