The 7 Secrets of Effective Digital Transformation

If you’ve ever read the book The 7 Habits of Highly Effective People by Stephen Covey, you’re familiar with the concept of “beginning with the end in mind.” Putting that into context in terms of digital transformation means organizations must determine what their goals are before they begin adopting a ton of shiny new technologies. Unfortunately, many otherwise intelligent business leaders make the mistake of focusing so much on technological innovation that they miss the mark altogether.

This is not to say that technology isn’t a key driver of digital transformation. The problem often lies in a misunderstanding of what digital transformation actually is. According to a recent report by Altimeter, despite the fact that a growing number of enterprises are investing in innovative technologies, the majority of them are still lacking in terms of meeting customer expectations due in large part to a lack of digital literacy. The report also concludes that the main obstacles to achieving the solidarity and collaboration necessary for true, effective and lasting digital change are ego, politics and fear.

When an organization begins with a tech-first approach, it risks missing the point about what digital transformation is truly all about. In many instances, company leaders – CIOs in particular – fall into the trap of attempting to build new technology atop an old and crumbling legacy foundation. There’s an erroneous belief that all it takes to keep up with disruption is continuously adopting the latest and greatest apps and programs. New tech is great, but it must be adopted as a component of the digital transformation process, rather than its fundamental basis.

To demystify the whole digital transformation concept and improve your chances of success, here are a few expert tips to keep in mind.

The human element should be front and center.

Yes, the term is “digital” transformation, but in reality, it’s more about human transformation than anything else. That’s really what’s at the heart of any successful change. Technology is essential, yes, but it’s equally, if not more important that your people are all on the same page and moving together at the right speed. One of the biggest challenges to transforming a business is bringing its workforce up to speed, in particular, getting them current with the skills needed to facilitate change.

Experts unilaterally agree that the key to achieving true digital transformation is having a team of individuals who are curious, motivated by and passionate about the mission. Only then can you successfully usher in the innovative technologies you need to move forward.

A great example of this is Pitney Bowes. Several years ago, the company began initiating a shift to align itself with the changing world of tech. Specifically, they focused on evolving in 10 key areas such as machine learning, analytics, mobile, SaaS and APIs. But while leadership recognized the critical need for a strong technical strategy, they also prioritized the development and implementation of a solid people strategy as well.

The company organized curriculum for each of the 10 key areas of disruption and every one of the 1,200 employees was tasked with immersing themselves in one of those 10 topic areas for a period of one full year. The results have been beneficial to both sides – the company, by enhancing its workforce, and the employees, who have enriched their skills and improved their personal value proposition. Additionally, with staffers becoming subject matter experts in their chosen topics and subsequently collaborating together, many new and valuable relationships have been forged. This is advantageous to everyone involved.

Take the time to really understand your customers.

Ask any business leader what they believe the biggest driver of digital transformation is and they’ll probably cite the evolving behaviors and preferences of their clientele. Yet, according to the Altimeter report, a remarkable few (less than half) actually bother to truly understand their digital customers.

The few that are actually getting it right have done so by taking an outside-in approach. In other words, they take the time to determine what’s missing or broken that can solve a need and then focus their efforts on doing just that, tying in key performance indicators (KPIs) and ROI to demonstrate success. Rather than looking at internal processes, these innovators examine the customer experience first to identify opportunities to add value.

The key takeaway? If you aren’t meeting what your customers want or need, your efforts to achieve digital transformation will inevitably fall short and you will risk being left behind. The best technology, the best policies and procedures, the best laid plans – none of that will matter if the end result doesn’t make the lives of your clientele easier. That’s the end result that should be your focus from day one.

Establish new teams.

Spearheading digital transformation shouldn’t be a side project. If you want it done right, you need to have a team of individuals who are 100% dedicated to the cause. Teams should be made up of various people with different strengths and diverse backgrounds. For instance, you might have a project manager, a lead developer and someone who is focused on the customer experience. You could then supplement this with members from other roles, such as QA, development, ops and finance.

When an idea for a new initiative arises, the team’s job should be bringing it to fruition – at least to some degree – as quickly as possible. It’s not about achieving perfection right away. Digital transformation involves evolution, which means your team should be ready to go through a cycle of development – try things out, assess how they work and then adapt and improve accordingly. This agile methodology may require a paradigm shift, which is why it’s so important to have a dedicated team.

Cultivate collaboration as you deploy technology.

As mentioned, digital transformation isn’t entirely about technology. Yes, technology is a critical component, but it takes people to really achieve successful change, and that requires ongoing collaboration. Trailblazing ideas, sharing best practices, building a community – these things drive innovation and continuous improvement.

Use Pitney Bowes as an example once again. While they were designing their curricula around their 10 targeted technology areas, leadership also hosted global innovation roundtables to enhance collaboration efforts. As a result, they were able to identify cases in which there were common problems with their integration, delivery and operational practices. This enabled a fast and effective resolution across the board. Furthermore, because of the improved collaboration, workers acknowledged feeling much more engaged, as opposed to being just another “cog in the wheel.”

Don’t give in to the resistance.

It’s human nature to fear change, and that fear often manifests itself as resistance amongst workers. Logically speaking, the larger the enterprise, the greater the push back is likely to be. If you want to successfully shift to a digital ecosystem, you simply cannot let the naysayers get you down.

That’s not to say you should steamroll over them and ignore their concern. It’s more about your approach. Over communication and clear articulation, not just about what is happening, but how and most importantly, why, is key. It’s also important to develop a group of early adopters and innovators – those who embrace the proposed changes, as they can become your champions.

At the end of the day, digital transformation is really about people transformation.

Think like a startup.

As organizations become larger, greater divides between various groups and departments begin to occur. This results in silos of information, which can hinder communication and the ability to collaborate effectively.

To avoid this, try to adopt more of a startup mentality – one that focuses on operating nimbly and making sure that projects are being carried out in the correct way. Be cognizant of any walls and barriers that exist and focus on eliminating those and encouraging unilateral communication across the board. Encourage teams, departments and divisions to work closely together with a goal of making strategic decisions more quickly and rolling out smaller changes faster.

Take a bottoms up approach.

According to the aforementioned Altimeter survey, only 40% of the companies polled say their digital transformation initiative is overseen by an executive-mandated steering committee. Getting buy-in from the C-suite is certainly important, but how you go about doing so can make all the difference in the world.

Many organizations have had tremendous success by flipping the typical top-down narrative to more of a bottoms up approach. In other words, they focus on obtaining buy-in from all levels of hierarchy within, bringing together a diverse group of workers to collaborate together to create a digital transformation strategy.

This provides the opportunity to go through checks and balances to determine what makes the most sense and is directionally appropriate. Only when every ‘I’ is dotted and every ‘T’ crossed is the strategy presented to the C-suite for approval.

Conclusion

Is technology an important part of digital transformation? Of course. But if that’s all you’re focused on, you will inevitably come up short. Instead, focus on the people and policies that matter most, get all your ducks in a row and start with the end in mind. Do so and your organization can be counted among the success stories.

Free eBook! Get Your Own Copy Today

Episode #15: Leveraging Predictive Analytics to Transform IT from Reactive to Proactive – Business Data Leadership’s Theresa Kushner

April 24 2019    Episodes

Episode #15: Leveraging Predictive Analytics to Transform IT from Reactive to Proactive

In today’s episode of Ayehu’s podcast we interview Theresa Kushner – Partner in Business Data Leadership, & former Senior Vice President of Dell’s Performance Analytics Group.

The famous management consultant W. Edwards Deming once said “In God we trust, all others bring data.”  Enterprises embracing digital transformation are bringing that data in droves, and cultivating it in ways unimaginable even just a few short years ago.  Thanks to new tools, techniques, and technological advances, massive volumes of historical & real-time data can be analyzed to make forecasts about future events.  This field of “predictive analytics” has enormous implications for everyone.  For IT professionals, it offers a chance to not only anticipate problems before they occur, but to automate their mitigation before they materialize.

Predictive analytics seems like the modern day equivalent of a crystal ball, but with data scientists and statisticians divining the future instead of fortune tellers.  To get us up to speed on the state of predictive analytics today, we turn to one of its most notable thought leaders, Theresa Kushner, recent inductee into the Analytics Hall of Fame.  Having managed huge analytics projects for Dell, Cisco, VMWare & IBM, Theresa knows what it takes to convert data into ROI-generating predictions.  In this episode, she’ll share with us some of the unexpected ways predictive analytics can be used, how a new occupation called “Business Scientist” might be the key to alleviating the drastic shortage of data scientists, and what the single most unrealistic expectation is plaguing the field of predictive analytics.




Guy Nadivi: Welcome, everyone. My name is Guy Nadivi, and I’m the host of Intelligent Automation Radio. Our guest on today’s episode is Theresa Kushner, Partner in Business Data Leadership. Theresa was previously Dell Senior Vice President of their Performance Analytics Group and prior to that she held senior executive positions with Cisco, VMWare, and IBM. But probably the coolest thing about Theresa is she was recently inducted into the Analytics Hall of Fame, which is quite a testament to her accomplishments and thought leadership, so we’re thrilled she’s joining us today. Theresa, welcome to Intelligent Automation Radio.

Theresa Kushner: Thank you very much, Guy. So happy to be here.

Guy Nadivi: Theresa, we’re living in an increasingly data-driven world, and a lot of that data is fed into machine learning and artificial intelligence systems to make predictions about all kinds of things. This is still kind of viewed as a black art among many people, and so to start, could you please break down for our audience from a high level perspective, what are the steps between putting data into one end of an analytics black box, so to speak, and getting predictions coming out the other end?

Theresa Kushner: Okay. To begin with, let’s start with the end in mind. You always need to know where you are going before you figure out how to get there. So let’s start with where you are going, and let’s assume that you want to predict which of your customers will buy a product from you during this quarter. That means that you must first of all understand where you are today, which customers are buying, what are they buying, from whom are they buying, how much are they paying, and what profits are you making from each individual customer. This beginning can be done with just ordinary reporting. That’s why when I build an analytics team or an enterprise information team, I insist you have to have data management, business intelligence, and advanced analytics as part of the same team. Although the predictive part, may be the tip of the arrow that predicts which customer will buy, that prediction can’t be done without good data, and a clear description, through reporting, of what has happened up to this point.

Theresa Kushner: The reporting that you have can easily point out areas that might be of help to you and predicting the next customer who will purchase. For example, if your report shows your most profitable segments are those customers who buy from your partners, then you might consider a program that helps you predict which partner would be best to deliver for which customer, not which customer is going to buy from you. Once you’ve done some experimenting around what you want to predict, to ensure that you have a good solid return for your effort, you’ve got to collect the right data, and often this task takes more time than anyone anticipates, and there are several things that can happen. First, the data’s just not available. For example, let’s say you want to predict which customer would best to deliver to which customer, which partner’s best to deliver to which customer, but you’ve never captured that information when a sale is recorded.

Theresa Kushner: You’ve never captured which partners sold to which customer. That makes it very difficult to predict which partner’s the best one to engage. The data, number two, the data you have is incomplete. This is usually the case. You may need a data set that includes partner, customer, date of sale, date of delivery, product, et cetera, and although you have all of these elements available, perhaps they’re all populated at various levels of completeness and accuracy. Since most prediction is built on looking back and extrapolating to the future, you could have some issues if your view is incomplete or inaccurate. Once you have a good, solid data set, then you can develop your algorithms to predict, and most data scientists build a predictive model that looks at patterns in the data. That’s all predictive analytics really is. The model provides a predictive score, or the probability that something will happen, that a customer will buy, a patient will improve, a system will fail.

Theresa Kushner: The most important part of this process is the refinement of that model, and to refine a model, you usually start with data sets. You have a training data set and you have a testing data set. The training data set is usually larger, and it’s randomly selected from your actual data. The testing data set is smaller, and it’s used to test the model, to make sure that the model works. Training data sets are used that the data scientists develop and redevelop the model. It’s not called “data science” by accident. If you do it right, you follow the process, you observe, you question, you hypothesize, you experiment, you analyze, and you conclude. Since most predictive models create a score that provides the probability of something happening, for example, a customer buying, or whatever else you’re predicting, then the business must find a way to use that score to their benefit. That means teaching people how to incorporate the score into their processes or more importantly today, creating processes that embed that score.

Theresa Kushner: This is one of the biggest issues in predictive analytics. It’s getting that score embedded into the process. From the beginning you start with where you want to end up, which is you want the score embedded in your process and that’s the process you go through.

Guy Nadivi: You made me realize that you’ve worked, I’m sure, with so many data sets that now I’m curious. What is the biggest data set you’ve ever processed?

Theresa Kushner: That question, I’m not so sure I really know. I can give you the idea. At VMware, we were on a Green Plum database, which was approximately about 4 terabytes, but that data was growing rapidly, and we were doing a lot to manage it into the process. The Dell’s business management system was probably, it was petabytes, so it was 10 to 20 petabytes. It was huge, but not all of that data is ever used in one algorithm. That’s what the data storage requirement was to store the data that we needed access to, but for analytics, the data was managed down to sizes, test data for example, that could run on desktops. You don’t need massive amounts of data to build a predictive algorithm, but you do need it to find patterns in the data. The larger the data set, the more patterns that are potentially visible, and that’s why big data’s so important to data analysts.

Guy Nadivi: Theresa, tell us about what are some of the most interesting results and predictions that you’ve seen come out of predictive analytics projects you’ve worked on.

Theresa Kushner: I think the one that is… The one that comes to mind immediately, which was…it was very difficult to do, was an interesting project that my team at Dell worked on, was one that helped out a part of the business that we hadn’t traditionally supported – Quality control. The problem was a very complicated one. When you have a server that can be configured a hundred different ways, and you change a component on that server, you have to check out whether the new configuration with the new component will fail or not. Now imagine that you have a hundred different components that can be configured a hundred different ways, and have to be integrated into a hundred different servers. How do you test that many configurations? That was the problem. The QC team couldn’t afford the time or people to test every configuration or every component that went into every configuration, so they brought us the problem.

Theresa Kushner: Our team worked with the QA, the QC team, and developed an algorithm that would enable the teams to predict which configurations would be most likely to generate the response that we need, or show a propensity to fail. Not exactly one of the most common predictions that you would find, but it actually enabled them to narrow down this huge number of configurations to something that was very manageable.

Guy Nadivi: Very interesting, I’m sure, for the IT executives hearing today’s episode.

Theresa Kushner: Yeah. Something they should consider, for sure.

Guy Nadivi: Yes. Yes. Your field is heavily dependent on data scientists, and the August 2018 LinkedIn Workforce Report stated that there was a nationwide deficit of over 150,000 data scientists. How do you think your profession can overcome this staggering talent shortage?

Theresa Kushner: I think you’re going to find this rather controversial, but I don’t believe that we have as great a shortage as they are predicting. For one thing, an example is this. Just last week, there… I met with an organization in the Northeast called U of Next, and the charter of this organization was to build programs for the most underserved populations in the Northeast. I don’t know if you know this or not, but the Northeast would, if you put all the GDP together for Boston, and New York, and all of the area where the universities are in the Northeast, it would be the sixth largest country in the world. So they have a lot of people in those areas, though, that are not being served. What they’re building is a unique program that takes people who have been laboring away for years in the data management profession, and converts them to data scientists through a program they are developing specifically for this type of individual.

Theresa Kushner: Data management professionals know data. That’s the thing that they’re assuming. With some instruction in statistics, not every one of them will move to a data scientist, but you have the beginnings of a good data scientist, because they already know the data. The other thing that’s going to happen is that the tools are going to become easier to use, and with each generation of new tools, we’ll be able to do the programming and the statistics that data science has required just by clicking and moving icons around on our desktop. Trust me, we’ll have enough people. We just need to prepare them right.

Guy Nadivi: Given the high rate of pay that data scientists earn today, I think what you just said really piqued the interest of the data management people out there.

Theresa Kushner: Yeah.

Theresa Kushner: Unfortunately I think that, like all industries, you see a high rate of pay for the data scientists now, but over time that’s going to come down to something more manageable, and I think the companies are going to realize that they don’t need a lot of data scientists. You don’t need a stable of data scientists. You need one or two good data scientists surrounded by data engineers, storytellers, business analysts. In fact, there’s this new term coming up called “business scientist”, is that what do we do with the people who are really using information and facts within the business? They are the people who are going to be making some of these, filling these new kinds of requirements.

Guy Nadivi: Would business scientists be sort of a parallel to the term I’m starting to hear of a “Citizen Data Scientist”?

Theresa Kushner: Exactly.

Guy Nadivi: Okay.

Theresa Kushner: Exactly.

Guy Nadivi: Interesting. Your expertise is in predictive analytics for marketing, but I want you to put on your IT cap for a moment, and consider your marketing target to be the end users of an organization’s IT infrastructure. Where would you start using predictive analytics to improve the IT department’s outcomes in servicing its end users?

Theresa Kushner: Yeah. One of the biggest issues with marketing, especially when a real time environment is required, is that the systems, and the websites, and everything that supports marketing, stay up. I can’t count the number of times that a down system has put a campaign or a marketing program at risk because a lot of the things that we do nowadays in marketing are real time. They’re reactive to the customer immediately, so you want to make sure that the systems are always there. I think the one area that IT could apply predictive analytics to immediately is in predicting when a disk, a network, or a storage failure is about to happen, and correct it before it does. They could also help us in applying some predictive analytics to the flow of data from one system to the next. Especially if the business has a seasonal component like retail on Black Friday.

Theresa Kushner: They should be able, IT should be able to help us predict large loads on the systems. We shouldn’t just have that surprise us, so I think that there’s a lot of things that IT should be doing that can help predict with the business what’s going to happen.

Guy Nadivi: I think those predictive failure use cases you just cited are very much why the emerging field of AIOps is gaining attention, because that’s exactly what they want to try and do.

Theresa Kushner: Exactly what they’re doing.

Guy Nadivi: Theresa, what are some of the most unrealistic expectations currently plaguing the field of predictive analytics?

Theresa Kushner: There are a few. Most people believe if you have a lot of data, you can predict anything, and then they pick the one thing to predict that they don’t have any data for. For example, if you want to predict which of your employees might be on the verge of leaving the company, you should probably have some good data on employee engagement, their past performance, their attendance records, and even, even their email, and what they’re doing, how they’re communicating with outside sources, and it should be collected to be able to predict this well. Here’s an example. Ginni Rometty from IBM announced last week, or a few weeks ago, that IBM had done just this, that they had created an algorithm that with a 95% accuracy could predict which of their employees was getting ready to jump ship. She mentioned in the article that I read that she had a somewhat difficult time convincing management to use the results, and herein is the rub.

Theresa Kushner: This is the most unrealistic expectation – that whatever we predict will be used to make decisions or drive the business. Usage of predictive models only helps us get better, but it can be difficult to get the usage started with the business, especially if there’s not a track record of trusting the data that you have.

Guy Nadivi: Is the lack of trust what’s preventing embracing and adopting the predictions?

Theresa Kushner: I think in some cases it is. I think in other cases, I think business leaders who’ve done business a particular way for a very long time feel in their gut how it should be done, and so they don’t necessarily always rely on data to help them guide, to help guide them. Nowadays with business moving as fast as it is, it’s very difficult to get information that people trust immediately. We as the data professionals need to work hand in hand with business and IT to make sure that everybody understands what the expectations are before we start.

Guy Nadivi: You just got me curious. Is there anything that you’ve seen, any programs, incentive programs or anything of the like, that have been effective in getting managers to embrace, adopt, and deploy the results of the analytics?

Theresa Kushner: The best I’ve seen is that when, and it has to do with sales, is that when you actually commit in a sales environment, and usually propensity models are best used in sort of a telesales environment, where you can order the calls you have to make that day, and the top 10 are what you go call on. Those work very well when the sales management is as involved with the modeling and the use of those models as the individuals on the phone making the calls. I’ve seen them work incredibly well when there’s a concerted effort, and they reward people for completing their list, and they make a big deal of the effort that’s put forth. I’ve seen a lot of sales guys come from the very last place in their sales hierarchies up to the top, just by putting in place the predictive modeling.

Guy Nadivi: Speaking of managers using predictive analytics, what do you think enterprise executives who’ve never dealt with predictive analytics know before deploying it?

Theresa Kushner: The one thing I always make sure that executives know is that predictive analytics is not a silver bullet. You can’t predict your way to revenue growth, or profitable businesses without involving the executives and getting their support, and that means their time, their money, and more importantly, their attention to this. There has to be a buy-in to use the predictions that get generated. The one thing that every executive should know before deploying a team to do predictive analytics is that the team must have business guidance and support. There’s no other choice.

Guy Nadivi: For the CIO, CTOs, and other IT executives listening in, what is your one big must-have piece of advice that you’d like them to take away from our discussion with regards to implementing predictive analytics?

Theresa Kushner: I’ve seen this a lot of times, and this is my one mantra here, is my one word of advice, is don’t build a predictive analytics team in a silo. Make sure that whatever you do, you have collaboration across IT and the business, that you tackle the projects together, and that you fail or succeed together.

Guy Nadivi: Excellent advice. All right. Looks like that’s all the time we have for on this episode of Intelligent Automation Radio. Theresa, thank you very much for joining us today and sharing your-

Theresa Kushner: Thank you, Guy, for having me. I really enjoyed it.

Guy Nadivi: Oh, your perspective was fascinating, and especially with predictive analytics for IT, I think a lot of people will really enjoy this discussion.

Theresa Kushner: Good.

Guy Nadivi: Theresa Kushner, Partner in Business Data Leadership, formerly Dell’s Senior Vice President of their Performance Analytics Group, and recent inductee into the Analytics Hall of Fame. Thank you for listening everyone, and remember, don’t hesitate, automate.



Theresa Kushner

Partner in Business Data Leadership, & former Senior Vice President of Dell’s Performance Analytics Group.

Theresa Kushner is an accomplished, business-centric data executive, board advisor and published author who leads companies through transformation during rapid technology, regulatory and market disruptions. She brings 25+ of expertise harnessing data and analytics, company and customer information to lower costs and contribute multi-billion dollar growth for technology leaders including Cisco Systems, IBM, VMWare, and Dell/EMC. She has a strong track record overcoming challenges faced by the business application of technology to the data and information supply chain.

Theresa is a member of data.world Advisory Board, where she advises on using data and analytics, using data to measure marketing contributions and on aligning organization with industry experts. Theresa is a thought leader on data with two co-authored books on the subject. She is a sought-after speaker on data and analytics and a regular contributor to Latin Business Today – also sitting on the Advisory Council to this site. Theresa has been recognized with numerous awards, including the International Institute of Analytics Association Award for VMWare analytics (2016) and Database Marketing Association Award for Excellence from Cisco, among others. She is a recent inductee into the Analytics Hall of Fame.

Theresa Kushner can be found at:

E-Mail:         tckushner@gmail.com

Twitter:        @tkushner

LinkedIn:     https://www.linkedin.com/in/theresakushner/

Website:     http://businessdataleadership.com/

Quotes

“Once you have a good, solid data set, then you can develop your algorithms to predict, and most data scientists build a predictive model that looks at patterns in the data. That's all predictive analytics really is.”

"You don't need massive amounts of data to build a predictive algorithm, but you do need it to find patterns in the data. The larger the data set, the more patterns that are potentially visible, and that's why big data's so important to data analysts.”

“You don't need a stable of data scientists. You need one or two good data scientists surrounded by data engineers, storytellers, business analysts.”

“I think the one area that IT could apply predictive analytics to immediately is in predicting when a disk, a network, or a storage failure is about to happen, and correct it before it does.“

“Most people believe if you have a lot of data, you can predict anything, and then they pick the one thing to predict that they don't have any data for.”

“You can't predict your way to revenue growth, or profitable businesses without involving the executives and getting their support, and that means their time, their money, and more importantly, their attention to this.”

About Ayehu

Ayehu’s IT automation and orchestration platform powered by AI is a force multiplier for IT and security operations, helping enterprises save time on manual and repetitive tasks, accelerate mean time to resolution, and maintain greater control over IT infrastructure. Trusted by hundreds of major enterprises and leading technology solution and service partners, Ayehu supports thousands of automated processes across the globe.

GET STARTED WITH AYEHU INTELLIGENT AUTOMATION & ORCHESTRATION  PLATFORM:

News

Ayehu NG Trial is Now Available
SRI International and Ayehu Team Up on Artificial Intelligence Innovation to Deliver Enterprise Intelligent Process Automation
Ayehu Launches Global Partner Program to Support Increasing Demand for Intelligent Automation
Ayehu wins Stevie award in 2018 international Business Award

Links

Episode #1: Automation and the Future of Work
Episode #2: Applying Agility to an Entire Enterprise
Episode #3: Enabling Positive Disruption with AI, Automation and the Future of Work
Episode #4: How to Manage the Increasingly Complicated Nature of IT Operations
Episode #5: Why your organization should aim to become a Digital Master (DTI) report
Episode #6: Insights from IBM: Digital Workforce and a Software-Based Labor Model
Episode #7: Developments Influencing the Automation Standards of the Future
Episode #8: A Critical Analysis of AI’s Future Potential & Current Breakthroughs
Episode #9: How Automation and AI are Disrupting Healthcare Information Technology
Episode #10: Key Findings From Researching the AI Market & How They Impact IT
Episode #11: Key Metrics that Justify Automation Projects & Win Budget Approvals
Episode #12: How Cognitive Digital Twins May Soon Impact Everything
Episode #13: The Gold Rush Being Created By Conversational AI
Episode #14: How Automation Can Reduce the Risks of Cyber Security Threats

Follow us on social media

Twitter: twitter.com/ayehu_eyeshare

LinkedIn: linkedin.com/company/ayehu-software-technologies-ltd-/

Facebook: facebook.com/ayehu

YouTube: https://www.youtube.com/user/ayehusoftware

Disclaimer Note

Neither the Intelligent Automation Radio Podcast, Ayehu, nor the guest interviewed on the podcast are making any recommendations as to investing in this or any other automation technology. The information in this podcast is for informational and entertainment purposes only. Please do you own due diligence and consult with a professional adviser before making any investment

5 Tips for Managing the Changes of Digital Transformation

Today’s business leaders are focused on digital transformation. What they often fail to consider is how much transformations like these alter the very essence of their organization. In some instances, a company might modify its entire business offering after going through a successful transformation. This may require a complete realignment of how you approach the market, how you use technology, how you engage your customers and how your employees see their roles as well as the business as a whole.

At the end of the day, change is about speed. It’s about competitiveness. It’s about innovation. To be successful in today’s digital environment, organizations must be agile and ever-evolving. The problem is, change isn’t always easy – especially when it comes to people. Getting your employees on board requires strong, deliberate leadership. This is where change management comes into play. To follow are five truths that change leaders must embrace in order to be successful.

Start with a vision.

You cannot drive change unless and until you have a clear and accurate picture of what you’re trying to achieve. When you develop a vision of the end-state, it becomes easier to understand the ‘why’ of what you’re doing, and when you can get others to appreciate this ‘why,’ you’ll get buy-in. Just be careful not to be too rigid with your vision. Make sure you leave room for adjustments along the way. 

Involve the stakeholders.

Remember, change management is really about people, and these people will either resist or embrace the proposed changes. To mitigate detractors and maximize drivers, identify who will be most affected by the changes you are proposing and then get them involved in the process as early as possible. If you can make them feel a sense of control over what’s happening, they’re more likely to become advocates for your cause.

Listen.

The nature of digital transformation is that it is fluid. You will inevitably reach points at which you must pivot in order to progress. There may also be a number of tradeoffs or roadblocks you haven’t yet considered. Listening to those most closely affected can provide insight as to what courses may need to be corrected. Additionally, giving people a voice can help get them on board. Invite people to share their questions, concerns and feedback.

Communicate, communicate, communicate.

Having a clear vision of your digital transformation won’t do much good unless you share that vision with everyone else. Being honest, forthcoming and transparent right from the start can do wonders for overcoming employees’ fear of change. Use as many tools as are available to you, from email and newsletters to intranet sites, videoconferencing, town halls and more. Do everything you can to instill that vision in your employees.

Learn as you go.

The fifth rule for change leaders is to recognize that as you push forward toward your goal, new and unexpected challenges can and will arise. Your success in achieving digital transformation will depend largely on your ability to adjust to those challenges. Be prepared to regularly reevaluate to make sure you’re still on the right track and course-correct as needed. Being agile is what will ultimately get you to your end game.

Of course, having the right tools in your corner can also help make managing change easier. Ayehu supports digital transformation through seamless integrations, rapid adoption and even faster time-to-value. Click here to take Ayehu for a test drive for 30 days.  

eBook: 10 time consuming tasks you should automate

Smart CIOs know AIOps is the key to maximizing efficiency

In today’s volatile marketplace, businesses in every industry are focusing on cutting costs. Unfortunately, some folks still view IT as an expense and an area in which the metaphorical belt can be tightened. What they don’t realize, and what an increasing number of CIO’s are embracing, is that implementing AIOps can actually result in reduced expenditure overall.

CIO’s that are concentrating on IT as a force of operational automation, integration and control are losing ground to executives who see technology as a business amplifier and a source of innovation. Ongoing advances in technology are now providing forward-thinking CIO’s with a much broader spectrum with which to work in terms of cutting costs across the entire organizational platform.

It has nothing to do with cutting IT capability, but rather finding ways to make IT operations more efficient. This is primarily achieved through intelligent automation, which significantly reduces the time and resources needed to run both routine tasks as well as complex workflows. When these tasks and workflows are automated, IT personnel are freed up to focus on other, more critical matters, thereby improving the overall performance of the department and subsequently the company as a whole.

Another way that CIO’s are leveraging AIOps for the benefit of their organizations is through improvement of incident management and mean time to resolution (MTTR). Critical system errors are costly and can have a significant impact on an organization’s bottom line. AI-powered intelligent automation is allowing businesses to manage incidents and downtime scenarios more efficiently and in a much timelier manner, which means less risk of negative impact, both on the business and on the end user.

AIOps isn’t just becoming a tool for cutting costs, either. It’s also significantly improving business performance, which plays a key role in increasing revenue. According to a recent survey conducted by Gartner, the main focus of CIO’s in the current climate is growth. They want to attract new customers and effectively retain their current ones. Intelligent automation helps to improve service levels, thereby improving the customer experience.

In a time when budgets are at the forefront of every manager’s mind, from the top down to those on the front line, finding areas to improve service and lower expenditure has become a necessity. The concept of AIOps has opened up a number of opportunities for streamlining operations and improving efficiency, which ultimately achieves the goal of reducing costs and boosting enterprise growth. By applying technology as an amplifier to business operations, rather than as simply an individual component, organizations that are embracing artificial intelligence and automation are already reaping the benefits and are poised for ongoing success as we move toward the future.

Ready to join these forward-thinking business leaders? Download your free trial of Ayehu and start building your AIOps strategy today.
Free eBook! Get Your Own Copy Today

Making the Case for Artificial Intelligence in Your Organization

Recent statistics published in Forbes revealed that while 82% of IT and business decision makers agree that company-wide strategies to invest in AI-driven technologies would offer significant competitive advantages, only 29% said their companies have those strategies in place.

Why such a big divide? In many situations, it’s a simple lack of buy-in. In fact, Forbes Insights research also revealed that while 45% of IT stakeholders express “extreme urgency” regarding the application of AI within their organizations, only 29% see that same sense of urgency among their C-suite. Among the board of directors, that percentage drops down to just 10%.

Leaders who want to reap these benefits and advance AI within their organizations must overcome these odds by making a strong, solid business case around how artificial intelligence will deliver in terms of business benefits, such as operational efficiency, competitive advantage and revenue growth. Here are a few recommendations on how to accomplish this goal.

Illustrate success through real-life case studies.

There’s nothing more powerfully persuasive than a real-life story. C-suite executives and board members don’t want to hear about hypotheticals. They want to see numbers – quantifiable proof of ROI – before they’ll be willing to sign on the dotted line and invest in AI. After all, it’s pretty hard to argue against benefits like lowered costs, improved service levels and other key business advantages.

Demonstrate AI’s decision-making support.

One of the hardest parts of an executive’s job is making critical business decisions. If you can show them how artificial intelligence can address and resolve this major pain point, you’ll make believers out of even the biggest skeptics. Simply put, AI provides the ability to digest, process and analyze data to unlock invaluable insight and boosting confidence through data-driven decision support.

Position AI as the cornerstone to successful digital transformation.

These days, everybody’s talking about digital transformation. In fact, it’s widely believed that moving to digital operations and offering digital services will be absolutely essential in order to remain competitive in the modern economy. If you can position AI as the catalyst for making this happen, you’ll get emphatic yesses across the board. And since analytics is the core to what drives digital experiences, the connection to AI shouldn’t be too difficult.

Link AI with the power to innovate.

40% of IT leaders list driving innovation and implementing new tech as one of their top concerns. In today’s rapidly changing landscape, staying in-step is no longer enough. To remain competitive and achieve sustainable success, organizations must find a way to stay a few steps ahead. Easier said than done? Not when you have artificial intelligence in your corner. AI offers business leaders the opportunity to garner engagement from all levels of the organization, creating a truly collaborative environment where ideation and innovation thrive.

Reinforce the power of AI for optimizing client experience.

In business, you’re only successful if your customers are happy. Leveraging machine learning and artificial intelligence can help businesses to become far more responsive to their clients, ultimately delivering a better experience overall. And it’s a win-win, because not only do customers receive a higher level of service, but because AI frees up employees to focus more on high-value initiatives, the organization benefits from greater productivity. Happier clients + more efficiency = a better bottom line.  

It’s important to point out that AI, just as with any technology, shouldn’t just be implemented for the sake of it. It should be leveraged because it’s the best and most effective solution to a specific business problem or opportunity. When presenting your case, be sure to tie the technology and its capabilities directly to these problems and/or opportunities, and demonstrate exactly who will benefit and how. This will make your case far more compelling and improve your chances of success.

Want to really wow those key decision-makers? Download your free trial of Ayehu, and you’ll have a full 30 days to create a use case of your own that will demonstrate quantifiable ROI within your own organization. Click here to get started!

EBOOK: HOW TO MEASURE IT PROCESS AUTOMATION RETURN ON INVESTMENT (ROI)

4 steps to minimize MTTR

Any seasoned IT professional will tell you that one of the biggest challenges they face in their day to day job is reducing mean time to resolution (MTTR), or the amount of time it takes to get key systems back up and running after an incident. Down time in any industry can have a significant impact on both internal operations and external service levels. And the longer it takes to get things resolved, the worse the problems can become. Intelligent automation can make minimizing MTTR even easier and more effective.

Managing mean time to resolution involves 4 main steps:

  • Identifying the problem
  • Uncovering the root cause of the problem
  • Correcting the problem
  • Testing to verify that the problem as successfully been resolved

How quickly you can achieve the first step will ultimately depend on the quality of the monitoring system you have in place. Having a basic system can only get you so far and leaves a lot of room for costly error. Depending on how many incoming alerts your organization fields, staying on top of them can be too much for a small IT department. That means serious issues could slip through the cracks and cause major problems down the road. Enhancing your system with intelligent automation can create a highly effective, closed-loop solution, ensuring that all critical incidents requiring attention are prioritized and addressed accordingly.

Once an incident is identified, the next step is determining its root cause. This is the costliest part of the MTTR equation because it takes time, resources and manpower. Obviously, the more serious the issue, the more quickly it needs to be addressed. It may require “all hands on deck” to help uncover the cause so it can be corrected. It’s also important to maintain visibility and accountability at all times throughout the process. Who is handling the problem? What steps have been taken so far to get to the bottom of it? Has anything been missed? Again, automation can address this by providing real-time status of incidents, ownership, severity and priority in one central dashboard.

As soon as the problem has been properly diagnosed, the third step is taking the necessary actions to resolve it as quickly and effectively as possible. With most incidents, time is of the essence, so developing a solution is critical. One of the biggest benefits of integrating intelligent automation into your incident management process is that it can actually predict MTTR based on historic events. This can provide a guideline for the resolution process and alleviate some of the stress that naturally arises during a downtime. The IT team will be able to work quickly and efficiently to implement a solution that will get systems back up and running fast, limiting the negative effects on the company.

The final step in the MTTR process is testing to ensure that the problem is, indeed, resolved. It’s also important to assess each process to identify areas that can be improved. Being proactive and leveraging artificial intelligence can help to determine the best way to deal with similar incidents and can even help to avoid them completely.

In conclusion, managing the mean time to resolution process involves careful monitoring and the right tools, specifically intelligent automation. This can provide the most timely and effective response and a faster overall turnaround, thereby reducing or even eliminating impact on the business.

If your current incident response strategy isn’t producing these results or you’d like to learn more about how IA can dramatically reduce your MTTR, take Ayehu for a test drive or download a free 30 day trial.

Free eBook! Get Your Own Copy Today

3 Ways Virtual Assistants are Transforming the Service Desk

A few years ago, the chatbot phenomenon swept the consumer world. Today, people are becoming more and more at ease using conversational AI and virtual assistants to do everything from set their doctor appointments to planning travel. Yet, despite this consumer-driven craze, one area that seems to have been left largely in the dark is the IT help desk. Surprisingly (and frustratingly) enough, for many organizations, even something as basic as requesting more storage and resetting your password still requires opening and waiting for a ticket to be serviced.

The truth is, what once began as an innovative service to help employees has somehow evolved into more of a costly distraction. Budget-conscious executives have come to view the IT service desk, not as a core component of the business, but as an expensive necessity. As such, the help desk has long been the target of cost-cutting reductions. Yet, despite these efforts, one recent report indicates that the expenses surrounding service desks are actually on the rise. Today, a typical help desk is massively overloaded and majorly underfunded.

Enter the virtual assistant. Unlike the many other “solutions” CIOs tried in the past, chatbot technology has the potential to dramatically disrupt and ultimately transform the modern service desk in a way that is both positive and sustainable. This will happen in three distinct ways, as follows.

Automating the humdrum.

According to Gartner, password resets account for 40% of all service desk requests. In this way, help desk support agents can feel like mere robots, repeatedly responding to the same requests over and over (and over) again. Why not transition these mundane, repetitive tasks to actual robots? AI-driven virtual assistants can handle everything from simple tasks to complex workflows. This frees up human agents to focus on higher-level initiatives.

The best part? Chatbots are available 24 hours a day, 7 days a week, 365 days a year. They work weekends and holidays and they don’t require overtime. This means not only can you offer round-the-clock support, but scaling to higher volumes will not require an increase in headcount. The tremendous value this promises has led many large, global enterprises to begin deploying virtual assistants.

Removing the human from intuitive tasks.

Under normal circumstances, a typical service order can take more than a full business day to resolve. This process generally includes several interactions between support analysts and often requires escalation to subject matter experts. Next generation chatbot technology is now capable of using historical interactions – such as voice transcripts, prior transactions and other preexisting data – to learn, engage, suggest and recommend resolutions. Even complex troubleshooting can be handled almost, if not entirely by virtual assistants.

Revamping the user experience.

The IT industry has spent a fortune in an attempt to improve employee self-service. Yesterday’s setup was centered on the creation and maintenance of an institutional knowledge base where users could log in and search for answers to their questions in lieu of opening a help desk ticket. The results of these queries were often mixed. Today, thanks to advances in artificial intelligence technology, a user can type, text or even speak their question and a virtual assistant can engage in a meaningful exchange to resolve the issue.

Despite getting off to a markedly slow start, large enterprises around the globe are beginning to recognize the value that conversational AI brings to the table. As such, we are seeing a rapidly growing number of organizations “hiring” virtual assistants to help transform their service desks into the highly effective, cost-efficient and innovative business benefits they’ve always dreamed of being.

Get started with virtual assistant technology and see how it can revolutionize your help desk by downloading your free 30 day trial of Ayehu today.

Attention MSPs: How a hybrid approach could be your next opportunity

It’s happened time and time again: large corporations wavering between total in-house IT and complete outsourcing, only to discover that neither option provides a truly cost effective and efficient solution. Such was the case with European oil company Rompetrol, who seesawed between both approaches, all the while wasting value time, money and resources only to lose control over their IT altogether. This all changed, however, when CIO Marcel Chiriac took over in 2012.

Upon discovering that the outsourcing firm the company had hired had grossly mishandled things, Chiriac took on the daunting task of getting things back under control as quickly as possible. Weighing his options, and considering the fact that shifting everything back to in-house again that fast would be just short of impossible, Chiriac opted instead for a hybrid IT environment. This provided the “best of both worlds” in terms of control and efficiency.

The first step in the process involved putting together a team of IT professionals with whom he could work to renegotiate contracts with the many software vendors Rompetrol dealt with. Chiriac’s in-house team then had the job of evaluating the state of the company’s IT infrastructure since it had been managed by the previous provider. The results were disheartening. Additionally, the outsourcing provider refused to cooperate with the transition, making the process extremely frustrating and arduous.

Knowing he was working with a timeframe of just 3 months, Chiriac knew that using traditional technologies simply wouldn’t be sufficient to gain control over and document the asset transfer process. He decided that intelligent process automation might be his best option for meeting the tight deadline and getting the company’s IT performance back up to par. The new IT provider got to work extracting the information needed to allow Rompetrol to begin securing their scattered and vulnerable infrastructure.

Perhaps the most important step taken during this 3 month period was the introduction of “virtual operators”. These are essentially just IT service robots which helped to quickly identify the exact network composition. In addition to facilitating the consolidation and optimization of the company’s infrastructure, these virtual engineers also enabled in-house IT professionals to manage incidents more proactively. This allowed problems to be resolved quickly and efficiently, improving performance and service levels.

Within just one month’s time, automated solutions had been put in place for more than 2,000 items, including switches and servers for over 750 of Rompetrol’s gas stations. There has only been one single outage since the shift to the new hybrid model, and it’s succeeded in reducing operating costs by 27%. At this point, the internal IT team is able to focus on further optimization needs.

Beyond what this means for other companies looking to cut costs and improve IT operations, the use of virtual operators is poised to revolutionize things for managed service providers.  Intelligent automation will open up new avenues of opportunity to provide enhanced levels of support, maximize internal resources, lower costs and maintain competitive advantage. As businesses begin to recognize this hybrid approach, they will begin to once again look to managed service providers to help them achieve the best of both worlds in terms of control, IT security and efficiency.

Are you an managed service provider that would like to become part of a success story like that of Rompetrol?  Intelligent automation is the tool you need to jump ahead of the game. Click here to try it free for 30 days.

Episode #14: How Automation Can Reduce the Risks of Cyber Security Threats – Toast’s Naor Penso

April 01 2019    Episodes

Episode #14: How Automation Can Reduce the Risks of Cyber Security Threats

In today’s episode of Ayehu’s podcast we interview Naor Penso – Founder of Toast, & former CTO of Cyber Security at AMDOCS.

Cyber security is an issue keeping an awful lot of IT executives up at night.  And rightly so. Today’s threat landscape is increasingly hostile, the cyber security skills gap continues widening, and budgets aren’t keeping pace with the demand for better defensive measures. It’s a perilous situation exacerbated by the astounding fact that many C-suite executives don’t take the need for cyber security seriously, until a high-profile incident occurs on their watch.

Gaining a better understanding of the dynamics shaping this domain requires insight from a cyber security expert like Naor Penso, Founder of Toast (a cyber security startup currently in stealth mode), and former CTO of Cyber Security at AMDOCS, a global telecommunications services company.  In this episode, Naor breaks down for us why cyber security professionals should view automation as an asset in their never-ending struggle against bad actors, what metrics IT security executives should focus on when evaluating the effectiveness of automating security operations, and why automation is one of only two realistic ways to mitigate the cyber security talent shortage.




Guy Nadivi: Welcome, everyone. Our guest today on Intelligent Automation Radio is Naor Penso, former CTO of Cyber Security at AMDOCS, a global telecommunication services company many of you might know of. He’s also the founder of Toast, a cyber security startup currently in stealth mode. Naor knows a lot about cyber security. Given the dire need for automation in the cyber security space, we were very eager to have him come on the show so we could get his insights on the current state of this market. Naor Penso, welcome to Intelligent Automation Radio.

Naor Penso: Hello, Guy. Thank you for having me.

Guy Nadivi: Naor, let’s dive right in. What are some of the biggest benefits to an organization from automating their security operations?

Naor Penso: I have two ways of looking into the benefits of automation. The first one focuses on the internals of the security group. That means that when you are automating within the security group, you can actually remove some of the tedious tasks that security people has to do in order to actually do things. Otherwise, they won’t have the time to do and will probably dive into the talent shortage and speak a little bit about it. Definitely, reducing the time to value, which means reducing the time for detection of incidents. Maybe reducing the time to act and respond to incidents. That’s definitely a core benefit. Another ecosystem that is beneficial of security automations is actually reducing the friction with the IT units, especially with the employee experience groups within the IT. That normally has a lot of reservations around the security aspects and how that impacts the employees’ productivity.

Guy Nadivi: For IT executives, what are some of the biggest benefits that they would see from automating security operations?

Naor Penso: First and foremost, there is a lot to do with SLAs around cyber security. Today, cyber security’s embedded within most of the IT processes starting from the initiation of new projects up to protecting a real-life production environment. The majority of those tasks around security require manual intervention either from an architect, from an engineer, or even from the security operation center. By enabling automation to those users, we can definitely help the IT executives reach better SLAs for the business customers within the company and also for the external customers of the organization. Furthermore, as I said around the friction with the IT definitely by automating some of the tasks that are occurring between the IT and the employees of the company, the IT group can get far better results and less friction with the employees themselves. At the end of the day, a happy employee for the IT is definitely better.

Guy Nadivi: Those are the benefits. What are some of the bigger challenges for automating security operations?

Naor Penso: For cyber security specifically, I think that it is a little bit of a problem trying to design replicatable processes. From what I’ve seen, I’ve seen across multiple organizations, there are numerous tasks that although seem to be reproducible, every time a different employee or a security expert engages with that task, he operates it differently. This is actually where some of the more intelligent automation features should definitely come into play. Today, there is a lot missing in the standardization within the market in general and within security organizations to be specific.

Guy Nadivi: When you say missing standardization, you’re referring to things like playbooks and things of that nature?

Naor Penso: Definitely. Definitely, playbooks on how to do things. Also, in terms of activities within the organization and how they’re being executed. If you will go and survey different security groups, you will find that the same tasks is probably done 60% differently in each and every one of the organizations because there are different security systems involved or different IT processes, which makes it hard for an organization to try and succeed in replicating that playbook and that knowledge. Definitely, that is an issue.

Guy Nadivi: You mention security professionals, and we’ve seen that some security professionals are reluctant to embrace security automation. Can you speak to what some of the psychology is behind that?

Naor Penso: Yeah, definitely. From the reluctance standpoint, I’m seeing two options of the reasoning for an expert to try and steer clear from automation. The first one is looking from a technical security standpoint. When you’re introducing a new automation system to the environment, in essence, that system has access to numerous internal systems, sometimes very sensitive systems, or at least systems which can cause a lot of damage. By introducing an automation security, you are essentially creating a single point of an issue that the security people need to attend to. That is probably less of the biggest reluctance in security as far as I am concerned. The second one would be that security experts like to be a part of the processes.

Security as a whole, we see today that people in the security industry definitely feel that they need the support or a supportive tool, but not necessarily a decision maker that is doing the entire automation end-to-end because there are many different factors that you need to take under consideration when you’re handling security. Where it is a security incident where you need to decide if you are blocking a machine from accessing the network, or you are enabling the machine to continue working because the business impact is too high, those sort of things cause security professionals to steer clear from automation and try to use at least the automation at least in some aspect, but just as a supporting tool. Definitely, not the full automation tool.

Guy Nadivi: You’re describing some of the reasons that security pros are suspicious about automation. How would you go about mitigating that suspicion for them about automation?

Naor Penso: I think the first thing is something that should come from the automation vendors of the world. I think that there is a somewhat lack of transparency in how those automations work and how secure the automation systems are. If an automation vendor can prove beyond doubt that the system is secure and is supporting that in the architecture, in the way that the system was developed, in penetration testing results, definitely that can raise the assurance of security experts that they can now leverage that automation system. The second thing is to attend to the maturity of the security teams themselves. Unlike automation of IT service desk, where the impact of the issue might be contained to some extent, when it comes to cyber security, the impact of an automation failure or a failure in the design of an automation can be devastating to the organization. Definitely, that is a point in the maturity curve that security teams need to start adjusting to. I would say instead of jumping from no automation at all to fully aligned automation with playbooks running without any human intervention, you should have a step in the middle where automation is a decision support system for the security group, not necessarily a replacement for some of the security personnel within different processes.

Guy Nadivi: So making automation more of a tool for better decision-making?

Naor Penso: Definitely a tool for better decision-making. I would even take it a step farther and say one of the things that would actually raise assurance is to demonstrate over time that the decisions that were taken over by the security personnel were exactly the same. That would actually pivot or tip it over to full automation. Considering that there is an incident and the security team is 99.9% of the time handling it the same way, there is no reason why not to fully automate that. In order to reach that level of assurance, we need data and we need to be a part of the process until that data magnitude is achieved.

Guy Nadivi: For a security organization that can overcome the suspicions and get comfortable with automation, what functions of the security organization would benefit the most from automation?

Naor Penso: I think that similarly to the IT, that would probably start with the security operation center and the service desk. There are a lot of tasks for these teams that can be fairly easily replicated in an automated manner. Mainly around collection of knowledge and collection of insights from different systems. The ability to take decisive actions, even if they are prompted manually. As an example, I need to push a patch to that server or I need to run a full virus scan on that machine. Those are simple playbooks that can definitely raise the posture of the security operation center. With that, raise the security posture of the entire organization. Of course, outside of that scope, there are also the governance risk and compliance teams. One of the things that I have noticed over the years is that a lot of organizations attempt and manage their risk practices. They have a risk registry where they can definitely show the Chief Information Security Officer what is the current risk score for the organization. But ongoing governance is something that is very hard to reach.

Think about a use case where an architect is working on a project within the IT or within a business unit and he’s defining the standard on how this system should be secure. As an example, a virus scan should run on a weekly basis. These sort of networking policies should not be acceptable as an example. The server should not accept any requests within certain amount of ports. Those sort of things are always reading into documents, but rarely coming to practice when it comes to the governance of the system. That in essence can be automated. Those governance processes can definitely be automated and provide much greater assurance to the security team that their requirements and demands are actually taking place in real-life production environments.

Guy Nadivi: You’re mentioning governance processes, and you mentioned playbooks earlier. That’s got me curious, Naor. What specific security processes do you feel are best suited to be automated?

Naor Penso: I think that at first forensic data collection, and the ability to run, I call them, executioners. Forensics data collection in essence enables the IT team, and the security team to gather data very quickly when there is an event that requires such. We can look into collecting metadata from the server that might run a Malware, or a Ransomware attack where you want to quickly scan all of the machines and get some insights. Those type of automations can definitely help reduce the time to value for the investigative team. Furthermore, we can definitely find processes around network and host change management. That is the executioner part where you can come and say, “I need to take that computer offline right now.” Today, what would probably happen is that an engineer will need to remotely access the machine and then invoke a command to shut down the machine, or if someone already wrote a script that attempts to do that. The ability to automate those type of processes and actually define a structure, a very simple one even.

If we found that there is an event of a virus, then run a virus scan on the machine, can definitely help the security teams handle events that they might not have handled in the past because they were flooded by events or because they had more severe cases to handle. Last but not least, as I said there is the point of system governance which can definitely be leveraged through automation. Also, one of the things that I’m seeing for companies that want enhanced security over their production environments and over access to very sensitive systems is an example of a process that generates temporal users and provides access for a certain amount of time. Then, blocks the access. Those sort of things are things that can only occur through automation, because when it comes to scale, you cannot augment users and remove access, recurrently using manual labor.

Guy Nadivi: You just mentioned scripting, and that got me wondering, Naor, what skills do you think are most important in order to effectively automate security operations?

Naor Penso: I think that the first skillset is actually understanding the business processes, and understand where security is embedded into those processes, and where the process can be automated. Of course, for internal security purposes or internal security instances, the business understanding reflects on what systems are a part of the process. What is the impact of the automation of the process? Afterwards, it is crucial to identify the integration points and the systems associated and how will that come into play within the playbook. I have seen multiple customers and corporates along the way that had developers working within a security group building scripts, whether it was in Python or other scripting languages, but on most occasions, what I’ve seen is that it was hard to maintain over time, and it was hard to manage from an holistic standpoint. Definitely, I think that the ability to build the playbook is the most critical one given that today there are solutions in the market that enable augmentation of those playbooks in a fairly straight forward manner.

Guy Nadivi: For the IT executive or security executive that’s considering incorporating automation into their security operation, what single metric do you think best captures the effectiveness of automating security?

Naor Penso: That is a tough question, because in security inherently, there is no real way to show ROI. Consider that when you are implementing a firewall, in essence you have invested money in a system that will generate alerts that will then require you to do something about it. It is not a real value ROI model for an organization. If we’re looking into the metrics that is valuable for the measurement of the success of automation within the security realm, I would say the improvement of the SLA performance. Being able to demonstrate the amount of time it took to investigate an incident or to respond to an alert was in the hours, and now it becomes minutes or seconds. That is a dramatic improvement. When it comes to a Ransomware attack that is now spreading out in the wild in the organization, that timeframe is critical for the business to prevent any disruption. Other metrics that might be considered are time-sensitive metrics. I’m trying to look into how much time is saved for the team that now has time to invest in other ventures. People can now start investing into building new foundations for the future of the security group, not necessarily just to keep their heads above water. Last, but not least, the corporate risk part. I think that there is value in measuring corporate risk. I think that most organizations, the large ones at least, do measure the cyber security risk.

Definitely, automation can be a valuable part in the reduction of that risk either by deciding which policies are enforced corporate-wide. Then, instead of evaluating them on a periodical basis, actually automating the identification of any deficiencies. Then, the alignment of the organization with those policies. That can definitely reduce the risk.

Last, but not least, when it comes to risk, we should most probably talk about the human factor. We haven’t talked about it yet in this discussion. As most security statistics will show, the human factor is the most critical function that is responsible for breaches and attacks. Of course, it starts from employees that get a phishing email that then manifests into Malware, but it is not the only case. Think about the latest breaches to cloud environment in which some wrong management of an AWS S3 bucket permission set exposed a large amount of highly sensitive data to the internet. That sort of issue can exist only because someone has mis-configured that specific S3 bucket. In essence, that is reflected across organizations. Everyone makes mistakes. By introducing automation into the system and into the organization, you are reducing dramatically the amount of human error in places that it might be manifested into. Think about network change management, host change management, policy enforcement, and of course continuous governance of environments.

Guy Nadivi: You mentioned the human factor. It’s well known that there’s a massive human or talent shortage in cyber security today. How can automation help mitigate that?

Naor Penso: Let’s talk about the facts for a moment. When we’re saying “talent shortage”, it is to say the least, we are speaking about the global crisis. We see more and more headlines around the cyber security talent issue. Today, we are already way past the 1.5 million open positions worldwide in cyber security. Based on analysts, it will only get worse. Analysts are speaking about three point something million open positions by 2021. That means that in essence the world does not generate enough cyber security experts to actually mitigate the need of organizations or to at least accommodate any of organizations for cyber security talent. When you don’t have talent, you only have two ways to try and resolve the issue. The first one is to try and standardize, ensure, and collaborate within different organizations. Actually, help organizations replicate their knowledge. In essence, help them grow together. That’s the first way.

The second way is definitely automation. When it comes to activities that can be automated, that means that the organization can either reduce the need for new manpower or at least to enable the existing manpower to focus on things that otherwise they wouldn’t have done so. I think that automation for cyber security is, if not the present, then at least the future. As long as automation will continue to grow in terms of the integration points for a new system, in terms of the ability to integrate it into business processes, definitely that is something that every CISO needs to consider today when thinking about the talent shortage.

Guy Nadivi: Naor, you really have an amazing depth of knowledge about cyber security and the state of the market. Unfortunately, it looks like that’s all the time we have on this episode of Intelligent Automation Radio. Naor Penso, thank you very much for joining us today, and giving us your considerable insights about the state of cyber security, and how automation plays a role in that specialty. You’ve been a really informative guest.

Naor Penso: Thank you very much. It was my pleasure.

Guy Nadivi: Naor Penso, former CTO of cyber security at Amdocs, a global telecommunication services company, and currently founder of Toast, a cyber security startup in stealth mode. Thank you for listening, everyone. Remember, don’t hesitate, automate.



Naor Penso

Founder of Toast, & former CTO of Cyber Security at AMDOCS.

Naor Penso is a cyber security expert and executive with a decade of experience designing, practicing and managing cyber security within enterprises. Naor specializes in creating and executing cyber security strategies that balance organizational risk tolerance with business objectives. A strong believer in business enablement, Naor regularly leverages new technologies and methodologies to help security organizations provide faster responses whilst enhancing their security posture. He is currently working on a disruptive approach to resolve the cyber security talent gap. 

Naor Penso can be found at:

E-Mail:         naor@toastgig.com

Twitter:        @PNaor

LinkedIn:     https://www.linkedin.com/in/naorpenso/

Blog:            https://www.hitit.co.il/

Quotes

“Today, cyber security's embedded within most of the IT processes starting from the initiation of new projects up to protecting a real-life production environment. The majority of those tasks around security require manual intervention either from an architect, from an engineer, or even from the security operation center. By enabling automation to those users, we can definitely help the IT executives reach better SLAs for the business customers within the company and also for the external customers of the organization.”

"For cyber security specifically, I think that it is a little bit of a problem trying to design replicatable processes. From what I've seen, I've seen across multiple organizations, there are numerous tasks that although seem to be reproducible, every time a different employee or a security expert engages with that task, he operates it differently. This is actually where some of the more intelligent automation features should definitely come into play. Today, there is a lot missing in the standardization within the market in general and within security organizations to be specific.”

“If you will go and survey different security groups, you will find that the same tasks is probably done 60% differently in each and every one of the organizations because there are different security systems involved or different IT processes, which makes it hard for an organization to try and succeed in replicating that playbook and that knowledge.”

“I would say instead of jumping from no automation at all to fully aligned automation with playbooks running without any human intervention, you should have a step in the middle where automation is a decision support system for the security group, not necessarily a replacement for some of the security personnel within different processes.“

“By introducing automation into the system and into the organization, you are reducing dramatically the amount of human error in places that it might be manifested into. Think about network change management, host change management, policy enforcement, and of course continuous governance of environments.”

“When we're saying ‘talent shortage’, it is to say the least, we are speaking about the global crisis. We see more and more headlines around the cyber security talent issue. Today, we are already way past the 1.5 million open positions worldwide in cyber security. Based on analysts, it will only get worse.”

“I think that automation for cyber security is, if not the present, then at least the future. As long as automation will continue to grow in terms of the integration points for a new system, in terms of the ability to integrate it into business processes, definitely that is something that every CISO needs to consider today when thinking about the talent shortage.”

About Ayehu

Ayehu’s IT automation and orchestration platform powered by AI is a force multiplier for IT and security operations, helping enterprises save time on manual and repetitive tasks, accelerate mean time to resolution, and maintain greater control over IT infrastructure. Trusted by hundreds of major enterprises and leading technology solution and service partners, Ayehu supports thousands of automated processes across the globe.

GET STARTED WITH AYEHU INTELLIGENT AUTOMATION & ORCHESTRATION  PLATFORM:

News

Ayehu NG Trial is Now Available
SRI International and Ayehu Team Up on Artificial Intelligence Innovation to Deliver Enterprise Intelligent Process Automation
Ayehu Launches Global Partner Program to Support Increasing Demand for Intelligent Automation
Ayehu wins Stevie award in 2018 international Business Award

Links

Episode #1: Automation and the Future of Work
Episode #2: Applying Agility to an Entire Enterprise
Episode #3: Enabling Positive Disruption with AI, Automation and the Future of Work
Episode #4: How to Manage the Increasingly Complicated Nature of IT Operations
Episode #5: Why your organization should aim to become a Digital Master (DTI) report
Episode #6: Insights from IBM: Digital Workforce and a Software-Based Labor Model
Episode #7: Developments Influencing the Automation Standards of the Future
Episode #8: A Critical Analysis of AI’s Future Potential & Current Breakthroughs
Episode #9: How Automation and AI are Disrupting Healthcare Information Technology
Episode #10: Key Findings From Researching the AI Market & How They Impact IT
Episode #11: Key Metrics that Justify Automation Projects & Win Budget Approvals
Episode #12: How Cognitive Digital Twins May Soon Impact Everything
Episode #13: The Gold Rush Being Created By Conversational AI

Follow us on social media

Twitter: twitter.com/ayehu_eyeshare

LinkedIn: linkedin.com/company/ayehu-software-technologies-ltd-/

Facebook: facebook.com/ayehu

YouTube: https://www.youtube.com/user/ayehusoftware

Disclaimer Note

Neither the Intelligent Automation Radio Podcast, Ayehu, nor the guest interviewed on the podcast are making any recommendations as to investing in this or any other automation technology. The information in this podcast is for informational and entertainment purposes only. Please do you own due diligence and consult with a professional adviser before making any investment

Want Big Improvements in ITSM? Start Small.

Have you ever faced a challenge so big that you didn’t know where to begin, so you simply did nothing? It’s happened to the best of us, and it happens far too often in the world of ITSM. In many cases, IT decision makers know improvements must be made, but the looming costs and risks have them circling their wagons, afraid to take that leap and get started. If you are in this situation currently, the solution is simple: get back to basics. Rather than taking on huge, risky and expensive ITSM projects, start where you are and take it one step at a time. By starting small, you’ll eventually achieve the big change you seek.

As an example, let’s take a larger ITSM organization that provides support service to external clients across the globe. An operation like this has a ton of service desks, some of which support multiple customers, others are dedicated to individual customers and still others are designated for internal users. Some service desks provide only logging and dispatch while others also offer level 1 support. Across all of these service desks, there are a wide variety of tools and technologies being employed.

In this scenario, the vast majority of communication with customers, for all the service desks, takes place via telephone. Decision-makers within the organization recognize the need for more efficient communication channels (i.e. self-service portals and chatbots). The problem is, in a company that large, the costs of implementation would be tremendous. IT leaders have actually already identified a tool capable of supporting such a complex environment, but because they lack confidence and adequate justification that the project would run smoothly and produce ROI, they can’t nail down funding.

Believe it or not, the solution to this monster of a dilemma is actually quite obvious. Rather than attempting to roll out chat for their entire user base – a significant and costly undertaking – all they really need to do is begin where they are and implement in several smaller steps.

For instance, IT could introduce an easy-to-use, out-of-the-box chatbot platform and designate a small group of users to begin using this tool when they need IT support. IT would then closely monitor the process to identify any issues – either on the service desk or end user side – and work to resolve those issues before scaling up. Over time, the IT team will have:

  • Pinpointed and addressed many issues as they relate to chat-based interactions with the service desk
  • Identified which types of requests are best suited for chat and which are better handled via other channels
  • Figured out how to best encourage users to transition from telephone support to chat
  • Gathered and analyzed data regarding the volume of requests each agent can manage using chat
  • Determined exactly how much time and money could be saved if scaled to the entire organization

Rolling out chatbot support this way is far less risky, and by starting with a tool that is easy to use and doesn’t require coding and/or a ton of training, the overall cost of implementation also remains low. As the project is slowly scaled up, the IT team will have all the information they need to determine whether full implementation would be a cost-effective investment with quantifiable proof to back them up. They’ll also already know what needs to be done in order to ensure success as the project expands.

The good news is, starting small is easy when you have the right tool in your corner. Ayehu is specifically designed to provide rapid time-to-adoption and enhanced simplicity to even the most complex ITSM projects. Don’t believe us? Try it free for 30 days and experience it for yourself. You have nothing to lose!

5 Ways to level up your service desk using it process automation