Automation helps build and maintain cyber resilience (Guest blog by Dynatrace)
As the world’s reliance on digital services continues to increase, organisations are under more pressure than ever to build highly secure, resilient applications. Every second of downtime leads to lost revenue, declining share prices and lasting reputational damage, so organisations cannot afford for services to be taken offline unexpectedly while they deal with newly disclosed vulnerabilities. Security teams are therefore indispensable in maintaining service resilience: they prevent vulnerabilities from entering applications in the first place, and eliminate quickly the ones that do slip under the radar.
However, according to global research from earlier this year, 75% of CISOs are worried that too many application vulnerabilities leak into production despite a robust, multi-layered security approach being in place. These concerns underscore a simple fact: at the pace of modern digital innovation, there is only so much security teams can do on their own. Their task grows harder as the number of disclosed flaws keeps rising, placing a significant drain on time and resources. In 2021 the National Vulnerability Database logged a record 21,957 new vulnerabilities (CVE records). What’s more, security teams spend on average 28% of their time on vulnerability management tasks that could be automated.
The challenge of prioritising vulnerabilities
Much of the challenge stems from the growing prevalence of open-source code in today’s cloud-native applications. Third-party libraries accelerate development, but they also import risk, as Log4Shell (in the Log4j 2 logging library) and Spring4Shell (in the Spring Framework) showed: a single flaw in a widely used dependency becomes a flaw in every application that bundles it, and teams end up frantically putting out fires each time such a vulnerability comes to light.
Dynamic cloud and Kubernetes environments add to the challenge by making it harder to quickly locate, prioritise and patch vulnerable open-source code. Workloads are continually rescheduled, scaled and redeployed, so by the time a team has manually tracked down every instance of a vulnerable library and worked out which ones pose the biggest risk to the resilience of their software, new instances have appeared elsewhere and the inventory is already stale. Finding, prioritising and resolving the flaw becomes hugely time-consuming, and the application’s exposure, and with it the risk of downtime, grows with every hour that passes.
To combat this relentless tide, the silos between security, development and operations teams need to be eliminated in favour of more collaborative DevSecOps approaches. These teams must be equipped with the solutions, data and capabilities they need to deliver services that are resilient and secure by default. This further highlights the need for a new, more intelligent approach to vulnerability management, one that lets security teams get applications back online faster with less time wasted.
Understanding threats in real time
Converging security with real-time, end-to-end observability is critical because it shows teams what code is actually running in production and where the vulnerable components sit in their environment. That gives them the context needed to understand their attack surface and evaluate the risk whenever a new vulnerability is disclosed: for example, whether the vulnerable component is reachable from the internet, and whether customer or financial data is exposed through it.
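The locate-and-prioritise step described above, written out as a small Python example. This is an added illustration, not Dynatrace code or any vendor's product logic: the workload inventory is constructed by hand and stands in for what a runtime observability agent would report (which workloads exist, which library version each actually loads, whether it is internet-facing, what data it handles). The advisory uses the public Log4Shell range for CVE-2021-44228 (Log4j 2 from 2.0-beta9 up to, but not including, 2.15.0); the scoring weights are an assumption chosen for the example.

```python
"""Locate and rank instances of a vulnerable library across running workloads.

Hypothetical example added to illustrate the locate/prioritise step in the
text above; it is not Dynatrace code. INVENTORY below is constructed by hand
and stands in for a runtime inventory: which workloads exist, which library
versions are actually loaded in each, and the context (internet exposure,
data handled) needed to rank them.
"""
from dataclasses import dataclass


@dataclass
class Workload:
    name: str
    namespace: str
    internet_facing: bool
    data_classes: frozenset   # e.g. {"pii", "payment"}; empty if none
    libraries: dict           # library name -> version string loaded at runtime


@dataclass
class Advisory:
    library: str
    affected_min: str         # inclusive lower bound
    fixed_in: str             # exclusive upper bound
    cve: str


def parse_version(v: str) -> tuple:
    """Turn '2.14.1' (or '2.0-beta9') into a numeric tuple.

    Comparing version strings lexically is a classic bug ('2.10.0' < '2.9.1'),
    so compare tuples of integers instead. Pre-release suffixes after '-' are
    dropped, which is good enough for a Maven-style x.y.z scheme.
    """
    base = v.split("-", 1)[0]
    parts = [int(p) if p.isdigit() else 0 for p in base.split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(version: str, advisory: Advisory) -> bool:
    v = parse_version(version)
    return parse_version(advisory.affected_min) <= v < parse_version(advisory.fixed_in)


def risk_score(w: Workload) -> int:
    """Additive ranking (assumed weights): exposure first, then data sensitivity."""
    score = 1                 # vulnerable at all
    if w.internet_facing:
        score += 5
    if "payment" in w.data_classes:
        score += 3
    if "pii" in w.data_classes:
        score += 2
    return score


def find_affected(inventory, advisory):
    """Return (score, workload, version) for each workload loading a vulnerable
    version of the advisory's library, highest risk first."""
    hits = []
    for w in inventory:
        version = w.libraries.get(advisory.library)
        if version is not None and is_affected(version, advisory):
            hits.append((risk_score(w), w, version))
    hits.sort(key=lambda h: (-h[0], h[1].namespace, h[1].name))
    return hits


# Constructed sample inventory; these are not real systems.
INVENTORY = [
    Workload("checkout-api", "shop", True, frozenset({"pii", "payment"}),
             {"log4j-core": "2.14.1", "spring-core": "5.3.18"}),
    Workload("report-batch", "internal", False, frozenset({"pii"}),
             {"log4j-core": "2.13.0"}),
    Workload("status-page", "shop", True, frozenset(),
             {"log4j-core": "2.17.1"}),     # already above the fixed version
    Workload("legacy-ingest", "internal", False, frozenset(),
             {"log4j-core": "1.2.17"}),     # Log4j 1.x, outside this advisory's range
    Workload("ml-scoring", "data", False, frozenset({"pii"}),
             {"numpy": "1.23.0"}),          # does not load the library at all
]

# CVE-2021-44228: Log4j 2 from 2.0-beta9 up to, but not including, 2.15.0.
# Follow-on CVEs later raised the recommended version; a real advisory feed
# would carry one entry per CVE and the same matching applies to each.
LOG4SHELL = Advisory("log4j-core", "2.0-beta9", "2.15.0", "CVE-2021-44228")

if __name__ == "__main__":
    for score, w, version in find_affected(INVENTORY, LOG4SHELL):
        exposure = "internet-facing" if w.internet_facing else "internal"
        print(f"{score:2d}  {w.namespace}/{w.name}  {LOG4SHELL.library} {version}  "
              f"{exposure}  data={sorted(w.data_classes) or 'none'}")
```

Run as a script it lists checkout-api (internet-facing, handles payment and personal data) ahead of report-batch, and skips the three workloads that either run a fixed version, run the unaffected 1.x line, or never load the library. The point is the ordering: the same CVE in two places is not the same risk, and the context that separates them (exposure, data, whether the library is actually loaded) is exactly what runtime observability supplies and what a static dependency list cannot.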
End-to-end, real-time observability can also power artificial intelligence that provides precise, data-driven answers in support of self-protecting applications, so that vulnerabilities are automatically mitigated as soon as they are detected; runtime protection of this kind can block exploitation attempts while the underlying dependency is still being patched. If everyone, across security, development and operations, can access the same accurate and up-to-date answers from a single source of truth, they can act much faster, driving greater resilience and keeping applications and services available.
It’s not as if CISOs aren’t yearning for this, either. More than three-quarters (79%) say that automatic, continuous runtime vulnerability management is key to filling the gap in the capabilities of existing security solutions.
Towards a more resilient future
Cyber resilience is a core pillar of the modern digital business. To keep applications and services available and uphold customer expectations, organisations need to drive DevSecOps adoption to improve collaboration, building cyber resilience into their operations and relieving some of the manual burden their security teams face.
By shifting their approach to vulnerability management from reactive to proactive, security teams get more time back to focus on the tasks that are valuable to the business: maximising performance, increasing cyber resilience and, ultimately, improving experiences for customers.