In the past year, research indicates that nearly a third of organizations have accelerated their plans to automate key security and IR processes, while another 85% plan on automating them in the next 12 months. Despite the positivity of these statistics, many organizations struggle to change to a more automated process. This was highlighted at a recent webinar we held with a panel of senior cybersecurity experts from a multitude of sectors.

“Safe travels!” It’s been a long time since most of us have uttered that phrase. Now we’re saying it with increasing regularity as family members, friends and colleagues are traveling again with greater ease and confidence. I’d like to suggest that when those of us in the security industry wish someone a safe trip, we use the opportunity to remind them of the increased cybersecurity risk they now face and share our expertise for how to protect themselves.

In previous blog posts we’ve discussed the value of a data-driven approach to security operations. In this post, we’d like to reflect and take a closer look at what that approach means to the automation of SOC (Security Operations Center) workflows and how it has influenced the product and design decisions of ThreatQ and ThreatQ TDR Orchestrator.