With the growing number of newly-released, longtime-funded automation tools and platforms, it’s clear that network security operations automation has reached an inflection point. While automation promises to provide significant value to security and network operations teams, along with hopes and promises comes concerns about limitations, potential failures, and critical oversights—especially when it comes to automating incident response. These limitations don’t stem from a lack of APIs, compute power, or the advancement of machine learning or artificial intelligence, but rather from the tools that are doing the detection, notification, and remediation.
Security operations expert Tom Gorup addresses short- and long-term automation challenges and provides analysis on why investments should be focused on arming people with more assistive technology, rather than attempting to remove humans from the equation entirely.
About the Presenter:
As Director of Security Operations for Rook Security, Tom Gorup oversees Managed Security Services and develops proprietary security operations management tools and services for organizations ranging from Fortune 100 firms to fast-growing startups. Prior to joining Rook, Tom served 6 years in the U.S. Army. As an Infantry Squad Leader, Tom served two tours in Iraq and Afghanistan, where he received a Purple Heart alongside several other awards for actions on the battlefield. Tom is GCIA certified, a participant in the GIAC mentor program and advisory board, Indiana Infragard Sector Specialist, and on the NexTech advisory board.