Automation for Cyber Security and Artificial Intelligence:
An Overview
INTRODUCTION
Automation is an important component of any cyber security strategy, and plays an important role in artificial intelligence (AI). While many organizations leverage applications and policies to safeguard from attack vectors, and action plans for when attacks occur, automation can play a critical role before, during, and after a system compromise. Well planned automation reduces overall risk by allowing for the execution of immediate, real-time actions, which protect the integrity and availability of systems and data across the enterprise.

Automation
An enterprise automation strategy takes that concept further by applying customized monitoring and intervention utilities, for each component of the network, and applies them to the greater enterprise cyber security strategy, which may include AI support. The logging, auditing, and monitoring interfaces of the varying components of the enterprise network should be exploited to help identify threat vectors and actionable events. This includes the collection, storage, aggregation, normalization, and analysis of this data as it is produced. Once the data is collected and prepared, any actionable correlations will be made, and appropriate actions are taken without the need for human intervention. When applied properly, automation can be a very effective tool for taking rapid action, reducing risk, protecting proprietary information, and minimizing corporate liability.
Data Collection and Aggregation

- identifying current conditions requiring a response,
- identifying trends indicating potential improvements and upgrades,
- conducting incident and forensics investigations,
- research for improving automation efforts.
Correlation
Heterogeneity

Deployment
Caution should always be taken when employing automation that can affect the integrity and availability of systems and data. As systems are updated, patched, and replaced, their output may change, which could affect the way they are perceived by the automation systems. It is important to always update and test automation protocols, whenever a change is made to any component of the network that may alter the way it reports status and activities. A well deployed automation strategy, that is kept up to date with changes to the network, is a very powerful tool for maintaining the security, integrity, and availability of enterprise systems and data.
CONCLUSION
Interested in Sabre Systems?
Sabre Systems, Inc.
Experience. Quality. Results.
© 2018 Sabre Systems, Inc. All rights reserved.
SABRE SOLUTIONS