
Bookmark: Top Incident Response Headlines of the Summer

September 1, 2017 • Resolve Staffer

Staying up on the latest industry trends can feel like trying to grab a fistful of water. This is why we’ve made it easy and brought you the top five articles discussing incident response and automation that have garnered the most attention in the last quarter.

Here’s what professionals in SOC, NOC and IT Ops have been talking about in case you missed it.

Kick your feet up by the pool and catch up on our roundup of most influential incident response articles to grow your business!

1. Rethinking Cybersecurity: The $80K Job With Few Applicants

This article delved into a little-known fact: entry-level cybersecurity jobs are often the highest-paying posts for graduates still wet behind the ears, but hardly anyone is taking the bait. Though money is flowing in the SecOps industry, few people are qualified or pursuing qualification.

  • “40 percent of enterprises receive less than five applications for cybersecurity positions
  • “Close to 1 in 3 organizations take at least six months, or longer, to fill priority cybersecurity positions. …
  • “37 percent of organizations report less than 1/4 candidates are qualified
  • “46 percent of companies polled see a skills gap with emerging software platforms”

Why, you ask? Experts say ever-evolving cyber threats demand real-world training that academia just doesn’t currently offer. Additionally, the cybersecurity level 1 agent role doesn’t promise the out-of-the-box innovation that other tech positions can boast.

The article reveals that the bridge helping less-skilled entry-level cybersecurity professionals triage cutting-edge cyber threats is built from the levers of full, partial and human-guided automation.

“Resolve Systems is the pioneer incident response and automation platform equipping SOC and NOC, IT Ops, DevOps and Service Desk teams to handle varying intensities and complexities of incidents right at the frontlines and across silos. The Resolve Platform enables engineers to capture SME in no-code, pre-built automations to empower L1 agents to easily run end-to-end or human-guided automations. Regardless of their experience, Resolve fills in the gap.”

2. Incident Response and the Usual Suspects

In this article we learned that the same obstacles steal time from the entire enterprise’s operations teams: Security Operations, NOC, IT Ops and Service Desk. The article profiled the typical characters in a lineup heisting effective incident response and shared how to beat them at their own game. Read the blog to learn more about The Intimidator, The Diversion, The Getaway Driver, The Mouth and our hero, The Response.

“The Intimidator. … Not unlike IT Ops, Network Ops or Service Desk day-to-day, alerts smother Level 1 agents in what is commonly referred to as a ‘sea of red’ within popular ticketing systems: One intimidating list of ‘critical’ alerts; or event noise that is so blaring, some incidents are missed and operational inefficiencies get in the way.”

3. Splunk ITSI + Resolve: A Natural Pair to Streamline IT Operations

Peas and carrots; fish and chips; chocolate and … everything: natural pairings that just go together. As we discuss in this article, “There is no secret sauce—you need to understand the strategic importance of various aspects of your [incident response] environment and processes and make the necessary investments to make those areas as efficient and streamlined as possible.”

This blog dives into how businesses can scale the capacity of high-volume and complex incident resolution operations by leveraging what most already have: Splunk IT Service Intelligence.

Splunk aggregates, correlates, triages and filters in quantum leaps; the Resolve Platform shifts that acceleration into gear with equally expedient remediation via human-guided automation. Resolve can do in minutes and seconds what humans—left to their own devices and patchy knowledge management—can take minutes upon hours to do.

4. Key Requirements for a Security Incident Response Automation Platform

This article laid out the minimum requirements for security incident response (SIR) that’s as swift and targeted as cyber attacks themselves:

  • Automated rapid response that drills alerts with a consistent, repeatable process
  • Human-Guided (embedded) automation to accelerate and customize SIR
  • End-to-End/Closed Loop SIR options to cleanly wipe out the simple and redundant incident types and false positives
  • Real-time status tracking during response for post-incident follow up
  • Playbooks, Runbooks and guided decision trees that can flex to contend with the changing threat landscape
  • Collaboration and integration between Security and IT teams to bridge separate infrastructures, systems and applications

The key takeaway from the blog is precisely how Resolve Systems builds on existing investments for maximum cost savings and hassle-free deployment.

5. Why is Automating Incident Resolution so Difficult?

In talking about the revolving OpEx conundrum, “do more with less,” we broke down the hangups to employing incident resolution in this blog. Hint: most of the obstacles surround misconceptions that managers need to lay off employees and let full-blown automation run on autopilot.

“Instead of trying to ‘boil the ocean’ by completely automating the process from end-to-end, selectively automating just a subset of repetitive tasks makes building automations considerably easier. In essence, you leave all of the complex reasoning to the support engineer to decide and just give him or her the contextual details that they need to make decisions through automations.”

A Total Solution for Incident Response and Automation

Resolve Systems is the first—and continues to be the most comprehensive trailblazer—in enterprise-wide incident response and automation solutions for Security Operations, IT Operations, Network Operations and service desk teams.

Resolve accelerates incident response and resolution by equipping frontline agents with partially or fully customizable human-guided automations, powerful real-time incident collaboration and the omnipresence to orchestrate existing systems, across silos. It harnesses subject matter expertise in templatized decision trees to circumvent costly escalations.


Headquartered in Irvine, California with Operations in EMEA, Resolve Systems supports Fortune 500 customers around the world. To hear quantifiable data on how our incident response and automation platform can secure quarterly goals, download our most recent webinar.

About the Author, Resolve Staffer:

This post was written by one of the awesome contributors on the Resolve team.
