AIOps and automation are crucial to good app security


IT teams need to adopt a more proactive approach to application security just to deal with the sheer volume of threats. Automation and AIOps are crucial to doing this successfully.

Within IT departments across the world, there is growing concern about the threat of a cybersecurity attack. And much of this concern is focused specifically on application security.

In the latest research from Cisco AppDynamics, 87% of technologists in Singapore report that they feel that their organization is vulnerable to a multi-staged security attack that would affect the full application stack over the next 12 months.

Rapid cloud adoption, the shift to microservice-based application architectures and increased deployment of IoT devices over the past couple of years have led to a dramatic expansion in attack surfaces. Indeed, the sheer volume of applications that are now spread across multiple entities has made monitoring security throughout the DevOps pipeline extremely challenging.

Unfortunately, most IT teams don’t have the tools and insights to identify and manage security vulnerabilities on this scale, and they are increasingly feeling overwhelmed by the volume of security alerts coming at them from a multitude of monitoring tools.

In order to manage this new application security landscape, technologists need to adopt a more proactive approach to application security, integrating security into the development process from day one to build more secure products. And they need to lean on the power of automation and AI to cope with soaring volumes of data and to detect and remediate issues across an ever more dynamic and fragmented IT environment.

Lack of visibility and resources to manage new threats

As organizations have accelerated their digital transformation programs to meet changing customer needs and to enable hybrid work, application release velocity has skyrocketed. But in the rush to deliver new applications, security has often failed to keep pace.

As organizations embrace cloud-native applications and architectures, application components are increasingly running on a mix of platforms and on-premises databases, resulting in a huge expansion in attack surfaces. This is leaving major visibility gaps for IT teams and increasing the risk of a security event, the consequences of which are potentially catastrophic – service disruption and outages which can result in poor customer experience, reputational damage and lost revenue.

79% of technologists in Singapore report that their current security solutions work well in silos but not together, meaning that they can’t get a comprehensive view of their organization’s security posture. So IT teams are being bombarded with security alerts from across the application stack but they simply can’t cut through the data noise to understand the risk level of security issues in order to prioritize remediation based on business impact.

In fact, 59% of technologists admit that they are overwhelmed by the volume of security threats and vulnerabilities to their organization – they simply haven’t got enough time in the day to manage a constantly changing and ever more complex application security landscape. The result is that many IT teams are ending up in ‘security limbo’, doing nothing because they simply don’t know what to focus on and prioritize.

New volumes of app security threats

Technologists urgently need to get back on the front foot to manage application security in a controlled and strategic way. They know that they need a robust security approach for the full application stack to deliver complete protection for their applications, from development through to production, across code, containers and Kubernetes.

Alongside this, IT teams need to integrate performance and security monitoring to understand how vulnerabilities and incidents could impact end users and the business.

However, such is the complexity and dynamic nature of cloud-native technologies, and the volume of security alerts coming from across a sprawling IT environment, that very few IT departments have the resources to cut through the data noise and to identify and analyze vulnerabilities before they become issues which affect end user experience. Technologists should therefore be looking to leverage automation and AI wherever they can within their application security processes.

Strength through automation

Robust automation strengthens security postures, identifying threats and resolving them independent of an admin. This reduces human error, increases efficiency, and drives greater agility in development — enabling teams to ship and deploy applications even faster.

Automation helps to contextualize security, correlating risk in relation to other key areas such as the application, user and business. Business transaction insights enable IT teams to measure the importance of threats based on severity scoring, factoring in the context of the threat. This means that they can prioritize threats that could damage a business critical area of the environment or application.

With runtime application self-protection (RASP), technologists can protect applications from the inside out, wherever they live and however they are deployed. They can see what is happening inside the code to prevent known exploits and simplify vulnerability fixes.

Developers can generate targeted insights into their application environments that allow them to respond to threats at scale – whether that’s in containers, on-premises, or in the cloud – and integrate security throughout the entire application lifecycle.

AIOps is essential

Given the volume of new security threats which organizations are facing, AI and machine learning (ML) are now essential to identify gaps, predict vulnerabilities and automate processes to remediate any security holes. As bad actors ramp up their use of AI and ML, it’s vital that enterprise security teams keep pace. AIOps extends human capabilities in multiple cybersecurity tasks, including monitoring, assessing, and resolving security issues – freeing up security teams to focus on higher-value issues and enabling them to collaborate more effectively and strategically throughout the development lifecycle.

AIOps is now essential to automatically detect and resolve issues across the technology stack, including cloud native microservices, Kubernetes containers, multi-cloud environments, or mainframe data centers. And technologists are increasingly recognizing this – the research found that more than three quarters believe that AI will play an increasingly important role in addressing the challenges around speed, scale and skills that their organization faces in application security.

Rather than being stuck in limbo, technologists must use the full capabilities of automation and AIOps to optimize application security. Doing so will enable them to build more secure products, avoid costly downtime and push forward into the next era of innovation.


Written by Joe Byrne, CTO Advisor, Cisco AppDynamics
