…we should always keep top of mind when we’re neck-deep in cyber threat intelligence, control libraries and vendor technology presentations is simply this:

“How does the decision I’m about to make help my security customers accomplish what they’re trying to do?” Followed closely by the corollary: “How are they really going to recognize that what I’m doing is helping them rather than just getting in their way?” ~ Andrew S. Townley

One of the biggest barriers to security automation isn’t the technology but rather figuring out where to start. Getting to a starting point requires prioritizing the processes that cause the most bottlenecks to security service delivery.

Here, I would recommend CISOs look at value-stream mapping. Value-stream mapping is a visual exercise that helps align workflows to business outcomesand identifies issues related to performance and quality. 

From there, you’ll want to explore which technology solutions have integrations built in and which will need custom programming. Invest in solutions that work well together. Then, fill in any automation gaps with strategic programming.~ Kent Noyes