Let's automate (security) and not procrastinate
With each dawn, there are new stories that there has been yet another compromise and that a mountain of data has been exfiltrated via an "advanced hack" that allegedly no one could have defended against. Although many of these are oversights, there is a more organic form of assistance available from within the organization. It may not be the panacea that too many are seeking, but it certainly would help.
A central issue is the lack of qualified, skilled employees in the market. This has been noted repeatedly. The fix is not a short-term one: it involves training, a change of mindset, and other paradigm shifts before it takes full effect. One avenue, overlooked by too many, is using automation to assist with the work. Fully reviewing logs, gathering material, and performing the simple tasks takes staff time, possibly hours that could be used for much greater and more impactful duties. Automating these tasks would free up the time staff spend pulling reports, analyzing for trends, and doing other such activities. The scripts don't need to be over-complicated; they just need to do the task.
To extend the usefulness of this further, simple machine learning could be applied. To ensure it is indeed adding value, it could be supervised until the app completes its tasks to management's satisfaction. Again, this would not necessarily need to delve into the minutiae initially; that step may be taken later, once the comfort level is present. This is merely one way to help with the time crunch felt in the industry.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.