Strategic Business
& Growth Advisory
Services

Our strategic research and consulting deliverable are designed to provide
comprehensive information and strategic insights to our clients enabling
them to achieve business transformation goals.

Consulting

Subscription
Services

Content Strategy
Services

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Blog & insights

Podcast

TechTalk Series

Our strategic research and consulting deliverable are designed
to provide comprehensive information and strategic insights to
our clients enabling them to achieve business transformation goals.

Blog

The major technology disruptions to look for in 2022 & beyond

Our strategic research and consulting deliverable are designed to provide comprehensive information and strategic insights to our clients enabling them to achieve business transformation goals.

Podcast

TechTalk Series

Our strategic research and consulting deliverable are designed
to provide comprehensive information and strategic insights to
our clients enabling them to achieve business transformation goals.

Competitive Intelligence

The Card and Payments Market is a dynamic sector undergoing a profound transformation, largely driven by digitalization and evolving consumer preferences. The rapid shift from traditional cash and

Competitive Intelligence

Amazon’s Bezos to Face Unprecedented Protests During India Trip

Promise scholarships cover up to full college tuition for students who’ve attended New Haven Public Schools during some or all of their K-12 years, and the organization also provides scholarship recipients with advice, mentorship, career skill workshops, and connections to paid summer internships in New Haven — many of which are based at Yale.
Strategic Performance Assessment & Ranking
soar

New cybersecurity mandates by CISA and Low-code security automation to the rescue.

SHARE

Share on facebook
Share on twitter
Share on linkedin
Share on email

Washington D.C. – The implementation of security orchestration, automation, and response (SOAR) technology in federal agencies has been mandated as a measure to secure systems and limit the risk of security incidents. The measure has been notified in the new cybersecurity strategy for federal agencies by Cybersecurity & Infrastructure Security Agency (CISA) and the Biden administration. The decision aims at moving the government toward a zero-trust security model.

The strategy is an extension of the May 2021 executive order, which seeks to improve the nation’s cybersecurity posture and goes as far as to mandate specific cybersecurity standards to be implemented by the end of 2024. As a part of the strategy, the CISA announced in late July 2022 that it plans to update its Zero Trust Maturity Model, a roadmap for agencies to reference as they transition towards a zero-trust architecture. The Executive Order M-21-31 also mandates security automation as part of the effort to improve the government’s investigative and remediation capabilities related to cybersecurity incidents.

SOAR (Security Orchestration, Automation, and response) is critical for integrating the components of a zero-trust model. Security automation, specifically low-code automation, is essential for implementing a zero-trust strategy and making it easier for federal agencies to comply with cybersecurity mandates. It reduces repetitive work for security teams and allows for a wider range of employees to contribute to building security automation. It also provides greater visibility into risk posture and allows for efficient regulation of access to networks. Without security automation, it is not feasible for federal agencies to handle the volume of security alerts and complex processes while dealing with a smaller staff. Security teams should consider low-code security automation a crucial part of meeting zero trust and SOAR requirements and agencies should choose an automation platform that supports a wide range of use cases.

Around 55% of IT professionals find it challenging to choose vendors for their strategy, but adopting SOAR can be made easier with the right advisory. Therefore, organizations are also advised to integrate SOAR with SIEM or log management tools and create automated incident response playbooks. To maximize the value of SOAR adoption, prioritizing processes for automation based on the agency’s security stack and the attack surface is important.

Analyst Take

According to Shekhar Menkudale, Analyst at Quadrant Knowledge Solutions “Technological advancements, along with the embrace of SOAR along with the zero-trust technology by the US federal government, pinpoint the increasing capability of the technologies to address the demands posed by an increasingly complex security landscape. The technologies reduce the burden on agencies by automating threat detection and response. The addition of low-code automation will act as a catalyst for SOAR market growth, as it will allow organizations to reduce dependency on developers. Therefore, SOAR vendors should focus on implementing Low code technology in their SOAR offerings”.

Author

Shekhar Menkudale, Analyst, Quadrant Knowledge Solutions