Karen Holmes: Cybersecurity Teams Must ‘Automate or Die’

In this episode of the Business of InfoSec Podcast, TrueBlue CISO and SVP Karen Holmes explains why she is putting automation and orchestration at the heart of her firm’s cybersecurity strategy.

Karen Holmes has a simple message for cybersecurity professionals: ‘automate or die’.  

In this week’s episode of the Business of InfoSec Podcast, TrueBlue SVP and CISO Karen Holmes argues that in today’s high-threat environment, people-power alone is not enough to keep up with cybercriminals.

“The simple fact of the matter is that the bad actors only have to be right once. We in cybersecurity have to be right every single time,” Holmes notes.

She continues: “You simply cannot hire enough people to stare at screens 24x7x365, looking for something that might pop their interest. Humans miss things, and it’s just mind-crushingly dull to sit there and watch feeds for monitors and logging all day long.”

The real advantage for businesses of using smart automation is to free up human talent to work on high-value tasks, Holmes says.

“Really, we needed to look at a place where, what can automation do for us, so we can free up our cyber threat engineers to really look at the things we care about.”

Automation Creates Valuable Time  

Cybersecurity leaders are increasingly being forced to compete for skilled cybersecurity talent.

For Holmes, automation has freed her skilled staff from mundane, repetitive tasks, giving them the opportunity to work on interesting problems.

“The market for cyber-threat engineers is really tight,” Holmes says. “It’s easier to attract and retain really top talent [when using automation] because they’re working on really interesting things.”

She continues: “But if you’re under the weight of really looking at event monitoring at that low level, that’s soul-crushing, and you’re not going to keep really sharp people engaged.”

Interoperability is Essential in a Time of Digital Transformation

However, while automation can be a valuable tool, Holmes warns about technologies that won’t work effectively with your existing stack.

And while the latest solution might have very advanced features, if it’s not able to talk to other technologies in the stack then it is likely to turn into an expensive waste of time.

“Obviously you need security through your systems, but you have to make sure that the tools are interoperable, that they’re talking to each other,” Holmes says.

When implementing orchestration around your automation technologies, Holmes advises cybersecurity leaders to clearly define what success looks like.

“As you start, especially through a digital transformation and security, you really have to define success first, before you start and then build back from success,” Holmes concludes. “But everything’s got to really kind of play together and have its own piece.”

Key Findings

  • ‘Automate or die’. Unless you have unlimited resources, automation is now an essential element of any cybersecurity strategy.
  • Automation helps to keep your team happy. Removing mundane tasks means your team can focus on interesting problems.
  • Know what success looks like. It’s important that your technologies can talk to each other – know where you are heading before you hit the road.