Chapter 6 – Automating Security Operations
Cloud Security automation
Relying on manual security operations can drain resources, slows development processes and can hurt your business operations on-premise or in the cloud. In order to be proficient secure and reduce the continued strain organization need to automate their security operations as part of their cloud journey. Today, organization spend millions if not billions on cyber security annual through the procurement of tools, services, training and education of personnel. Yet in 2014, consumers were exposed through breaches at eBay, Home Depot, and J.P. Morgan Chase and others to name a few. Again in 2015 there were Healthcare organization such as Premera and Anthem Blue Cross Blue Shield as well as the US Federal Government Office of Personnel Management OPM breach which made 2014 seem light in comparison. In 2016, the focus turned on small to mid-size businesses (SMBs) or as the industry has labeled it “The Year of The SMB Breach”.
The stories around the Targets, Home Depots and Wendy’s captures the attention of media and the public, but the larger credit card compromises that take place across SMB which fall well under the thresholds for an on-site assessment by the Payment Card Industry Security Standards Council (PCI SSC) for an on-site assessment by a Qualified Security Assessor (“QSA”). The only merchant level to require an on-site assessment is Merchant level 1 for organization which process greater than 6,000,000 ...