The Pendulum Effect and Security Automation
The last few years have been filled with examples of the “Pendulum Effect”, where trends swing from one extreme to another before settling at an equilibrium, somewhere in the middle. Think about it from an IT and security perspective.
We’ve gone from everything done on-premises, to the mantra of everything in the cloud, to a state of equilibrium where 67% of IT professionals now say hybrid cloud is where they are settling. At the beginning of 2020, employees rarely worked from home. Then, seemingly overnight nearly everyone worked from home, and now today 53% of employees expect a hybrid work model. We are seeing a similar pattern with respect to security automation. Let’s take Security Orchestration, Automation and Response (SOAR) as an example.
Early SOAR platforms were powerful solutions that required scripting languages like Python, plus engineering work and heavy coding. There was a price to pay for the fully customizable playbooks being demanded: they were difficult and expensive to implement, maintain and manage. Now there is a swing towards no-code platforms, like drag and drop. However, that will not work for everyone either. The ability to fine tune is necessary for certain situations and users. The market wants choice and there are different personas. Solutions that provide choice of no code or ability to code (sometimes referred to as low-code) present that state of equilibrium, offering a simplistic playbook builder with the ability to support more advanced requirements as well.