"There are a lot of things we can do to ease the burden of manpower," he says. "We won't solve this completely through software, but we can do things to help. By making the products smart, making them understand data better, and making them function more efficiently, we can make the responses more automated."
Increasing automation of monitoring and response systems will also help small businesses by fuelling improvements in managed security services (MSS) offerings. Those increasingly popular services offer a way for any business to add security monitoring and response capabilities, with built-in automation helping to compensate for the lack of skilled security staff.
By adopting the right mix of monitoring, automation and managed services, companies now have more ways than ever to quickly detect and isolate security threats - even if they are struggling to build up the appropriate security expertise themselves.
Turning monitoring technology into security policy will allow organisations to reduce their time to discovery even when new threats emerge - allowing them to be responsive to today's ever-changing security climate.
"WannaCry was a reminder of the potential impact when these things aren't done correctly," Smith said, "and it's disappointing because the solution for this one is so basic. Organisations are going to have to take their security policies seriously enough to make them part of their institutional routine. When there are real-life consequences for breaches, it hits home just that little bit more.
Source: CSO Australia
Sign up for CIO Asia eNewsletters.