Tines Adds Tool to Customize Automated Cybersecurity Workflows
Tines has added a case management tool to its no-code automation platform that makes it simpler for cybersecurity teams to track individual incidents, investigate security breaches and manage response activities.
Tines CEO Eoin Hinchy said Cases is an extension of the company’s platform that provides cybersecurity teams with a simple graphical interface to automate workflows. The extension enables cybersecurity teams to create custom workflows as cybersecurity incidents occur rather than just automating a set of pre-defined workflows, he noted.
Tines is now providing the ability to analyze trends within a workflow and create tasks as events unfold, said Hinchy. Cybersecurity teams, for example, view the status of incidents and the actions taken to collaborate more effectively, he added.
Rather than relying on a project management application such as Jira, the Cases tool is built for purpose, Hinchy added. Cybersecurity teams can also leverage application programming interfaces (APIs) to integrate Cases with other existing workflows.
Cybersecurity workflow automation had mixed success over the years. One of the primary challenges is the level of programming expertise required by rival platforms, said Hinchy. Most cybersecurity teams don’t have a lot of programming skills on hand, and need to be able to easily automate workflows using a set of intuitive graphical tools, he noted.
There general trend is to shift more responsibility for security operations teams toward IT teams that often have their own automation frameworks for applying controls. However, there are still plenty of processes that cybersecurity teams need to maintain control over as cyberattacks continue to increase in volume and frequency, said Hinchy.
Given the ongoing chronic shortage of cybersecurity professionals, the only way to effectively close that gap is to rely more on automation. In theory, artificial intelligence (AI) will soon make it easier to identify cyberattacks, but there still needs to be a framework for automating the deployment of the controls required to thwart those attacks. The challenge cybersecurity teams invariably encounter is the automation frameworks they are presented with are often too complex for them to master. This is often because no one on the cybersecurity teams has the expertise required to successfully employ them, said Hinchy.
One way or another, cybersecurity needs to become a lot more automated than it is today. Time is always of the essence when there is a cyberattack. The ability to limit the blast radius of a cyberattack depends on how quickly cybersecurity teams can respond. In fact, most cybersecurity teams are now measured as much by their ability to respond to an incident quickly as the number of threats they may have blocked.
Of course, it’s not always easy to justify investments in cybersecurity during difficult economic times. However, many organizations continue to either maintain their current level of cybersecurity spending or have increased it in the face of the continuing onslaught of cyberattacks. Regardless of how much is spent on cybersecurity, however, everyone involved in cybersecurity needs to find a way to work smarter.
