Episode #49: How One Man’s Automation Journey Took Him From Accidental CIO to Unconventional VC – Ridge Ventures’ Yousuf Khan

September 24, 2020    Episodes

Episode #49: How One Man’s Automation Journey Took Him From Accidental CIO to Unconventional VC

In today’s episode of Ayehu’s podcast, we interview Yousuf Khan – Partner at Ridge Ventures

Perhaps you’ve heard the famous African Proverb “If you want to go fast, go alone, but if you want to go far, go with others”. Our guest on this episode has gone far, but he’s also gone pretty fast. Yousuf Khan has been CIO for a number of high-profile startups, a couple of them quite notable in the automation space.  His talent and vision led him to those roles, but his networking and outreach allowed him to excel.  Now as Partner with an early stage venture capital fund, he advises both CIOs and startups on how they can work together to bring next generation innovations to market. 

We learn quite a few insights from Yousuf in this discussion, including when it’s better to use artificial intelligence versus automation, how IT executives can prepare themselves to become CIOs, and why the CIO Group Therapy Dinners he started have not only led to better CIO decision-making, but better features in technology products. 

Guy Nadivi:Welcome everyone. My name is Guy Nadivi and I’m the host of Intelligent Automation Radio. Our guest on today’s episode is Yousuf Khan, Partner at Ridge Ventures an early stage venture capital fund. Yousuf is also a former five-time CIO, most recently at Automation Anywhere and Moveworks, two well-known and high-profile automation providers. Yousuf’s unique perspective as both investor and practitioner in the automation space, makes him a highly coveted thought leader. And given the stepped-up adoption of automation due to the COVID-19 pandemic, we wanted to tap into his considerable insights and gain a better understanding of what senior IT executives should be aware of as digital transformations are accelerated for business resiliency, as well as competitive advantage. Yousuf welcome to Intelligent Automation Radio.

Yousuf Khan: I thank you so much for having me here. I’m really excited to talk to you. I know you had 17 other people that you wanted to have on this slot, but when you call me up at 2am in the morning and say you’re exceptionally desperate and you need that extra guest, I’m your man. So I appreciate being over here and thank you for having me.

Guy Nadivi: You were the first one to say yes, and we’re happy to have you.

Yousuf Khan: I don’t want to brag, but that’s how I roll. But thank you.

Guy Nadivi: So Yousuf tell us about your background and how you became a CIO in the field of automation?

Yousuf Khan: So first of all, you’ve made a very generous introduction. I think the long short summary is I’ve been a CIO and the first CIO of five companies. And that gave me the exposure to have a very broad mandate, especially if you’re the first technology leader for a company. When you’re looking at internal functions, you can look at it very broadly. And that allowed me to look at everything for business applications and cyber security, of course build out an automation strategy, look at data management and then also advise on go to market. And so my CIO experiences have really looked at those sort of functions and a little bit more. And after two decades of plans and operating, I decided that it was time for me to be able to aid the next generation of startups in enterprise software in my little way that I can having advised companies in the past. And so I decided to join a great firm in Ridge Ventures and looking to invest between three and 7 million into late seed and series A enterprise companies. And hopefully that will aid the next generation of companies, and hopefully I can be helpful in their journey.

Guy Nadivi: Something very interesting is that you founded a group called the CIO Group Therapy Dinner. I know that therapy sessions are always supposed to remain confidential, but can you share some details about any breakthroughs made by participating CIOs at these dinners?

Yousuf Khan: Very interesting question. And yeah, it was kind of a little bit of a joke, but it, as I like to say, I was the CIO of several companies and the chief dinner organizer for a number of CIOs in what I termed as group therapy. And that’s been going on for several years. It started on the back of me joining a company where I was having a real tough time with a specific initiative, which was pretty highly visible and highly critical. And candidly speaking, I felt a little bit out of my depth and wanted to connect with other peers. And I felt that going to large events was probably not the most useful way, at least for me at the time. And when I set up a dinner between two CIOs, myself and one other, 12 people showed up and discovered that a lot of us were having the same issues and we wanted to have those discussions. So over the years I organized those dinners now ranging in the several hundred, which were either sponsored by a VC or a startup. And the objective of those dinners was really to give candid feedback and have a candid discussion. And a lot of really interesting insights. I think first and foremost, I got to understand personally how to make better decisions as a CIO when it comes to specific initiatives, because I was able to learn the lessons from my peers. Second, I think a lot of the startups which wanted feedback. It wasn’t a pitching session. There was no PowerPoint. There was no presentations or even demos. It was a candid conversation between the founding team and the group of CIOs. Product feedback and I think some of the output and some of the features you’ve seen in some of the products that go out there was directly driven from some of those dinners. And I think probably the most important piece was there was a sense of pretty great camaraderie. I’ve been a big advocate for the CIO role, advising CEOs on their first CIO hire as well as being able to, and so part of that is also about sharing the lessons and being able to create a community. And I think those were some of the benefits that sort of came out of that. It largely was just a lot of fun. I continue to organize dinners even virtually now. And I think one of the things that I’ve learned is that you learn a lot from your community around you, and I think it’s something that we can all benefit from.

Guy Nadivi: Since you’re now on the investment side, let’s talk a bit about startups. The vast majority of innovation in automation, AI, and other digitally transformative technologies comes from startups, which can be challenging for enterprises accustomed to working with larger players. Yousuf, how should CIOs work with startups?

Yousuf Khan: One of the things that I’ve found in talking with CIOs has been that they are risk averse in some cases about talking to startups. They’ll happily take a meeting. In some cases, some will not take a meeting, but very few really want to engage at the early stage. I think I’ve definitely been on the opposite side of that having been a design partner of a number of startups. I’ve been early advisor, I’ve been an informal advisor to a number of companies. And so what the way I think CIOs should think about this is as follows. I think if you want to innovate at scale fundamentally and you’re trying to solve a problem in a very creative way, the high chance is that there’s a startup that is focusing on the exact same problem to a certain degree. And so therefore tapping into that with a very focused effort and collaborating and partnering on that is really beneficial for you, number one. Number two is by engaging with startups, it’s a very good development opportunity and professional opportunity for each of your teams and your direct reports. IT teams don’t get enough credit, and that’s why I’ve been such an advocate for the CIO role and mentor IT directors and IT managers. Being able to help even in the infancy of building out a product at an early stage and being able to say that, it’s a great exercise for professional growth. It’s a great opportunity for that. And it allows people to figure out and discover different skills. I think the third piece is that, I would go on to say make a resolution that you want to engage with one startup or two startups a year that you can choose. And that basically means that you need to basically spend a little bit of time connecting with VCs. And sure, I can say that from a vested interest standpoint and hopefully I can be helpful to my CIO peers, but I think being able to say, “Here are the one or two problems that I care about most, and I want to be able to talk to companies in this space,” and you’d be very surprised that you’d actually be able to see some very creative approaches. You haven’t got much to lose by being able to engage. And I think it’s a very, very good use of time. So that’s my recommendation typically.

Guy Nadivi: Interesting. Given your extensive experience Yousuf, where can automation be most useful to an organization and how can a CIO best lead that automation journey?

Yousuf Khan: So the most key thing that you’ve pointed out in your question is that it’s a journey. Automation is a journey in a company and people need to start that journey for a very good reason. Number one is the compute power is now available for us to be able to really be able to drive automation into our businesses. Number two, the data sets are now there. And number three, the innovation and the thinking is there, both internally and externally with companies like Moveworks and Automation Anywhere, which I’ve had the honor to work with in the past. And so understanding that is a journey is the first step. The second part is to be able to think about where you can get a very clear visible win, and that requires you to be able to spend time being able to think about your processes just a little bit more, and then being able to drive that further forward. Third, and probably most important piece is, when you think about RPA, you think about repetitive work and you’ve seen companies, and that’s why companies like Automation Anywhere have been successful, because they’ve been able to drive and deliver customer value consistently by being able to take repetitive processes and being able to completely reduce the human effort of them and automate them entirely. Moveworks has fundamentally been able to understand that you can apply powerful techniques, like natural language understanding and machine learning to be able to resolve IT support issues and IT operational issues in a very, very great user experience using messaging systems like Slack and Teams. And they’ve done that super well. And so, all of those started off in a journey by being able to understand a problem and framing that. Number two, being able to understand that you can do it differently. And number three, understanding that this is the start of the journey that it could basically lead on to. And that’s been pretty consistent with a lot of the CIOs I’ve spoken to as well as being able to look at the number of different solutions.

Guy Nadivi: Artificial intelligence and machine learning are becoming more common in enterprises, especially with all the digital transformation initiatives out there. Yousuf, where is it best to use artificial intelligence and machine learning and where is it best to use automation?

Yousuf Khan: Well, that’s an excellent question. I think it’s really important that we take a little bit of a step back, because the buzzwords have been out there for a little while and I think a lot of people get enamored by them. And so, my biggest advice is when you think about use cases, I would break it down into a couple of things. Number one is, are you solving the business problem first and foremost? And what that business problem is will help you try to figure out whether it’s a problem of manual repetitive work for which automation is a very good use case, versus one which requires more automation using more creative techniques, such as NLU and machine learning or otherwise. And so I think framing that problem is probably the most important first step. Second is thinking about use cases from an industry standpoint, which could be beneficial. So if you think about things like fraud prevention, fraud prevention that’s been very common for people to look at statistical processes and techniques and pattern matching to combat fraud prevention for large say telcos or retailers, because that’s a use case that has been sort of beneficial, versus something which is overly creative where the data sets are too varied, machine learning becomes a huge problem. If you think about companies like Moveworks, Moveworks was successful because it understood the business outcome which was being able to resolve IT support tickets. It understood the goal of being able to do that across some very specific areas and then grow it its impact. Automation Anywhere looked at repetitive processes and then built onto intelligent automation. And I think that was important to be able to think about from a use case standpoint. The use cases for each varied, right? If you think about automation, well there’s a lot of repetitive process. So use cases that are typical for automation can range from data entry where you are, I was experienced, for example, migrating one system to another. And the data structures for those were completely varied. And so rather than having to convert them through human effort, being able to do that through a bot designed by Automation Anywhere was great. If you think about a contract order process, which runs in the back end between connecting two systems, you could use automation for things like that. Whereas if you think about chat bots, and if you think about being able to have user experience, then solutions like Moveworks are a great outcome and they’re focused on an end goal, which applies across the entire company. Everyone needs IT support, and so that’s where ML and techniques like NLU become really beneficial. I think the important thing to think about is, one, think about the clear outcome that you’re trying to solve. Number two, the method that you’re basically using, and probably number three is, what is the incremental journey that you’re on being able to continue to add value by using either one of machine learning or automation techniques?

Guy Nadivi: Specifically with regards to automating processes like some of the ones you just listed, how do you think CIOs can best manage teams for automation?

Yousuf Khan: I think probably the most important thing is to actually have that as a focus area. And I do think that there’s a function within companies that should be focused on automation and automation teams should be created. Number one, I think it’s a huge opportunity for professional growth and development. Number two, I think it’s a huge business need, and number three I think it requires dedicated focus. And I think one thing people have not really appreciated, the benefit of automation is it empowers people. It’s much better for morale in a lot of cases where you’re able to take away manual repetitive tasks. And it’s a great sign of innovation for IT teams. And so definitively they should be thinking about building an entire function for that. And that’s one aspect. The second is you’ve got to re-think differently about your processes. I said that earlier, I think it’s important to not be able to migrate. That requires a fresh set of thinking. Companies expand, they grow. In some cases they contract, they take on more technology than they’ve ever done before. Companies are now becoming more technology-driven companies. Software is not just driving companies. It is being embedded in companies. And so therefore you can’t just simply take your old process and put them into this new way of thinking. And probably the third thing is they’ve got to be very focused on goals and put kind of measurements around success. And I think that’s important to do. I think you can be in a journey and it could be a very long journey unfortunately, and you’ve got to be able to iterate along the way. And I think that’s very, very important as well.

Guy Nadivi: Having worked for some automation vendors Yousuf, you’ve seen a lot of automation deployments. I’m curious, which industries did you see that had particularly successful results from deploying automation?

Yousuf Khan: It’s important to basically point out that the opportunity for automation exists across multiple verticals, I think number one. Number two is in terms of the functions, there are some that do really, really well. And some that require a little bit more effort and a little bit more thinking. Let me give you some examples. If I think about customer service, well the opportunity for automation there has really been when you have a high level of demand and you’re not able to, for example, scale-up your customer service center like an airline, for example, may have done over the last several months or a hotel chain. You can’t hire people fast enough, but their processes are very much specifically the same. Refunds, cancellations, otherwise. Could that process be automated? And so definitively the answer to that is yes. And that’s been proven, that’s been done. In some cases in financial services I’ve seen those verticals work well. We’ve experienced that myself. If you want to basically, you’ve gone away from being having to call and actually speak to someone about a lost or stolen credit card. You’re able to fundamentally run through that function through a combination of voice commands, but also candidly speaking through text and be able to basically get a new card ordered without any friction in the process whatsoever. And so I think those things, again, fundamentally if it’s repetitive that’s going to be easy to do, and it’s going to apply across a number of different verticals. I think it’s important to think about the fact that there’s a lot of opportunities which automation is not just about a customer experience. It’s really just about being able to get the work done. That’s a simple way of basically saying is, if you think about a data entry work across different systems, being able to just eradicate that because you understand the type of data going from one system to the other and being able to convert that could be easily done simply because you’re able to train a bot to do it. That’s a definitive value. And that applies across any company because systems are being changed and upgraded all the time. If you are looking at supply chain and inventory management, being able to track those and being able to not just automate the reordering of something, but also to be able to send out warnings and notifications is definitively of value. All of these fundamentally say that automation is a very, very big opportunity for enterprises and companies, and they should be thinking about very deeply about how to be able to benefit from that.

Guy Nadivi: Let’s talk about cybersecurity, which is always a topic of paramount importance to CIOs. And you’ve been CIO of some cybersecurity companies as well as automation vendors. Yousuf, what should CIOs be aware of and concerned about when it comes to the security of their automation initiatives?

Yousuf Khan: I think there’s a couple of things here. First of all, I think, cybersecurity is gone from being kind of something to be discussed, which is something that people will get round to talking about to now being very much in the mainstream and being discussed at boardrooms on a regular basis as an agenda item. Right, so it’s evolved over time. And so I don’t think it’s as specific as saying, “Well, should we think about security in the automation space?” Fundamentally you are buying software or you’re building software from leading vendors. I think that the vantage point that you would apply is really about what are the key areas that that automation is touching. Number one, it’s having access to your systems and being able to touch a number of different systems. So being able to make sure that the APIs are secure and robust. Second, if it’s touching sensitive data, then you’ve got to be very diligent about figuring out how that actually is happening and how you’re able to test that out. Number three, probably most importantly is to really think about the testing that goes into it. Automation use cases can vary from as simple as an email notification to data migration, to financial transactions happening. And it’s really, really important to be able to make sure that you understand that there’s going to be regulations around that, and you have to provide that vantage point as well. So I don’t think it’s massively different to what a CIO would look at when they look to buy a software solution. I think the difference is because this is something that you’re more deeply involved in from a creative standpoint, it’s important to take that extra step to be able to understand what parts of your infrastructure the automation is actually touching and how is that basically protected. And of course, how you’re avoiding making misfires by basically being able to send data out accidentally because you’re in control of that.

Guy Nadivi: Yousuf, for the IT executives and others listening in, what advice would you give them if they’re looking to move into a CIO role?

Yousuf Khan: I’m very grateful to have learned from a number of CIOs. I’ve also taken the objective to learn from different members of the C-suite, of what they expect from CIOs. And so with that in mind, I think I would probably give some key piece of advice. Advice number one is fundamentally the CIO role is a leadership role. And so you have to ask yourself a very honest question, which is, what type of leader do you actually want to be? And I think that’s important because people in IT teams are looking for more leadership, for guidance, both in their careers, but also in terms of direction. I think the second is, how do you navigate complex decision-making and prioritization of work? There’s no shortage of work for the IT organizations, the very hardworking IT organizations that I’ve worked with and I’ve met. And I think it’s really important that CIOs understand how they’re able to, if you want to be a CIO, how you are able to prioritize and how you’re able to basically make decisions. I think the third thing is probably, figure out how you’re able to communicate more effectively across, not just your team, but also across the C-suite and other executive leaders and across the company. I think the CIOs who are most effective in their roles are ones who are able to communicate with customers and partners as well as internal to their teams, as well as the company. Because change management enablement is very, very hard. And I think technological change is something which is really happening more and more in companies. And that’s being driven by CIOs and being able to explain that change, being able to drive that change, being able to see the success of it is a CIO’s responsibility. And so being able to do that, communication is one of the key things that they need to be able to focus on. So that would be my other piece of advice.

Guy Nadivi: Great words of advice from a former five time CIO.

Yousuf Khan: Well, yeah, I would say former is good and a want-to-be VC. I’m the accidental CIO and definitely the unconventional VC as I’ve said a couple of times, but I hope it’s been a benefit to many of my CIO peers.

Guy Nadivi: All right.

Yousuf Khan: Yeah.

Guy Nadivi: Well, it looks like that’s all the time we have for on this episode of Intelligent Automation Radio. Yousuf, It’s always great hearing from an investor in the automation space, but especially someone like yourself, who’s got hands on background that affords him a bit of an advantaged viewpoint. I’m sure our listeners found great value in hearing your perspective today. Thank you very much for coming on the show.

Yousuf Khan: Thank you. Thank you very much Guy. And one thing I do want to say is I do want to thank you for all that you’re doing for the community. I think these conversations are important, not just because I’m having them, but I think you’ve done a great portfolio of work, and I think we could all benefit from that. So thank you for all your work in this community.

Guy Nadivi:I appreciate that. Thank you very much. Yousuf Khan, partner at Ridge Ventures, an early stage venture capital fund. Thank you for listening everyone. And remember, don’t hesitate, automate.

Yousuf Khan

Partner at Ridge Ventures

Yousuf Khan is a Partner at Ridge Ventures and technology leader. Prior to Ridge Ventures he spent several years in executive leadership roles as the CIO at Automation Anywhere, Moveworks, Pure Storage and Qualys. He has been the first CIO at these companies where he led teams covering intelligent automation, IT operations, business applications,  cloud operations to information security. In each of these roles, he has held a broad executive ownership of functions ranging from driving cyber security to executive go to market programs as well as customer success.  

He has been an active member of the CIO community as someone who drives collaboration in the community as well as advising CEO’s of fast growth companies about their technology operations strategy. Yousuf has also been involved in advising early stage founding teams on product and go to market strategy.   

Yousuf can be reached at: 


Ridge Ventures: 


“I think if you want to innovate at scale fundamentally and you're trying to solve a problem in a very creative way, the high chance is that there's a startup that is focusing on the exact same problem to a certain degree. And so therefore tapping into that with a very focused effort and collaborating and partnering on that is really beneficial for you…” 

“…I think one thing people have not really appreciated, the benefit of automation is it empowers people. It's much better for morale in a lot of cases where you're able to take away manual repetitive tasks. And it's a great sign of innovation for IT teams.” 

"Companies are now becoming more technology-driven companies. Software is not just driving companies. It is being embedded in companies. And so therefore you can't just simply take your old process and put them into this new way of thinking." 

“I think it's important to think about the fact that there's a lot of opportunities which automation is not just about a customer experience. It's really just about being able to get the work done.” 

About Ayehu

Ayehu’s IT automation and orchestration platform powered by AI is a force multiplier for IT and security operations, helping enterprises save time on manual and repetitive tasks, accelerate mean time to resolution, and maintain greater control over IT infrastructure. Trusted by hundreds of major enterprises and leading technology solution and service partners, Ayehu supports thousands of automated processes across the globe.



Ayehu NG Trial is Now Available
SRI International and Ayehu Team Up on Artificial Intelligence Innovation to Deliver Enterprise Intelligent Process Automation
Ayehu Launches Global Partner Program to Support Increasing Demand for Intelligent Automation
Ayehu wins Stevie award in 2018 international Business Award
Ayehu Automation Academy is Now Available


Episode #1: Automation and the Future of Work
Episode #2: Applying Agility to an Entire Enterprise
Episode #3: Enabling Positive Disruption with AI, Automation and the Future of Work
Episode #4: How to Manage the Increasingly Complicated Nature of IT Operations
Episode #5: Why your organization should aim to become a Digital Master (DTI) report
Episode #6: Insights from IBM: Digital Workforce and a Software-Based Labor Model
Episode #7: Developments Influencing the Automation Standards of the Future
Episode #8: A Critical Analysis of AI’s Future Potential & Current Breakthroughs
Episode #9: How Automation and AI are Disrupting Healthcare Information Technology
Episode #10: Key Findings From Researching the AI Market & How They Impact IT
Episode #11: Key Metrics that Justify Automation Projects & Win Budget Approvals
Episode #12: How Cognitive Digital Twins May Soon Impact Everything
Episode #13: The Gold Rush Being Created By Conversational AI
Episode #14: How Automation Can Reduce the Risks of Cyber Security Threats
Episode #15: Leveraging Predictive Analytics to Transform IT from Reactive to Proactive
Episode #16: How the Coming Tsunami of AI & Automation Will Impact Every Aspect of Enterprise Operations
Episode #17: Back to the Future of AI & Machine Learning
Episode #18: Implementing Automation From A Small Company Perspective
Episode #19: Why Embracing Consumerization is Key To Delivering Enterprise-Scale Automation
Episode #20: Applying Ancient Greek Wisdom to 21st Century Emerging Technologies
Episode #21: Powering Up Energy & Utilities Providers’ Digital Transformation with Intelligent Automation & Ai
Episode #22: A Prominent VC’s Advice for AI & Automation Entrepreneurs
Episode #23: How Automation Digitally Transformed British Law Enforcement
Episode #24: Should Enterprises Use AI & Machine Learning Just Because They Can?
Episode #25: Why Being A Better Human Is The Best Skill to Have in the Age of AI & Automation
Episode #26: How To Run A Successful Digital Transformation
Episode #27: Why Enterprises Should Have A Chief Automation Officer
Episode #28: How AIOps Tames Systems Complexity & Overcomes Talent Shortages
Episode #29: How Applying Darwin’s Theories To Ai Could Give Enterprises The Ultimate Competitive Advantage
Episode #30: How AIOps Will Hasten The Digital Transformation Of Data Centers
Episode #31: Could Implementing New Learning Models Be Key To Sustaining Competitive Advantages Generated By Digital Transformation?
Episode #32: How To Upscale Automation, And Leave Your Competition Behind
Episode #33: How To Upscale Automation, And Leave Your Competition Behind
Episode #34: What Large Enterprises Can Learn From Automation In SMB’s
Episode #35: The Critical Steps You Must Take To Avoid The High Failure Rates Endemic To Digital Transformation
Episode #36: Why Baking Ethics Into An AI Project Isn't Just Good Practice, It's Good Business
Episode #37: From Witnessing Poland’s Transformation After Communism’s Collapse To Leading Digital Transformation For Global Enterprises
Episode #38: Why Mastering Automation Will Determine Which MSPs Succeed Or Disappear
Episode #39: Accelerating Enterprise Digital Transformation Could Be IT’s Best Response To The Coronavirus Pandemic
Episode #40: Key Insights Gained From Overseeing 1,200 Automation Projects That Saved Over $250 Million
Episode #41: How A Healthcare Organization Confronted COVID-19 With Automation & AI
Episode #42: Why Chatbot Conversation Architects Might Be The Unheralded Heroes Of Digital Transformation
Episode #43: How Automation, AI, & Other Technologies Are Advancing Post-Modern Enterprises In The Lands Of The Midnight Sun
Episode #44: Sifting Facts From Hype About Actual AIOps Capabilities Today & Future Potential Tomorrow
Episode #45: Why Focusing On Trust Is Key To Delivering Successful AI
Episode #46: Why Chatbots Are Critical For Tapping Into The Most Lucrative Demographics
Episode #47: Telling It Like It Is: A 7-Time Silicon Valley CIO Explains How IT’s Role Will Radically Change Over The Next Decade
Episode #48: How Microsoft Will Change The World (Again) Via Automation

Follow us on social media





Disclaimer Note

Neither the Intelligent Automation Radio Podcast, Ayehu, nor the guest interviewed on the podcast are making any recommendations as to investing in this or any other automation technology. The information in this podcast is for informational and entertainment purposes only. Please do you own due diligence and consult with a professional adviser before making any investment

What is ‘WannaCry’ Ransomware and How Can You Keep Your Organization Safe?

What is ‘WannaCry’ and How Can You Keep Your Organization Safe?If you haven’t yet heard, there’s a new kind of ransomware and it’s wreaking havoc across the globe. It’s appropriately called ‘WannaCry,’ and it has thus far claimed some 350,000 victims in over 150 countries worldwide. As these numbers appear to be on the rise, IT professionals everywhere are taking notice, attempting to head the virus-spreading malware off at the pass before they become part of the statistic. Here’s what you need to know in order to keep your organization secure.

What is WannaCry?

WannaCry is a unique form of ransomware which uses a flaw in Microsoft software to deploy a malicious virus. Given the widespread popularity of Windows, it’s not surprising that once the vulnerability was exploited, it spread rapidly across many networks, affecting organizations in almost every industry. The fact that the vulnerability was so broadly available and the ability to spread quickly without human intervention created the ideal environment in which the “worm” could flourish.

Once deployed, the Wanna Decryptor program locks all of the data on a computer system and leaves the user with only two remaining files: the WannaCry program and instructions on what to do next. Infected users are given a few days to pay the proposed ransom or risk permanent deletion of their files. A Bitcoin address is provided to which the user is advised they must pay up in order to release their data from the malware.

How can organizations protect themselves?

While most organizations have virus protection in place that is supposed to protect against ransomware, the fact that this particular strain was able to bypass so many existing protective measures to affect hundreds of organizations across the globe, including the United Kingdom’s National Health Service and Telefonica in Spain. In other words, despite some of the most sophisticated defense mechanisms, many well-known enterprises were unable to prevent the virus.

As with any other type of cyber-attack, the best defense against WannaCry is a good offense. As hundreds of IT professionals are scrambling to pick up the pieces and recover from this most recent attack, it’s become even more evident that preventing threats is simply not always possible. The key then is to be able to respond as quickly as possible to mitigate damages, something that can’t be effectively accomplished without the help of machine technology – that is, automation.

A Secret Weapon…

Rapid automated response remediates devices affected by the WannaCry virus, then blocks the ransomware’s lateral and upward propagation, thereby protecting the entire enterprise network. Suspected ransomware attempts will immediately trigger a playbook to automatically initiate remediation and mitigation procedures.

Additionally, thanks to machine learning capabilities, the automated tool can initiate security controls, build indicators of compromise and implement them on the network infrastructure. This will facilitate faster identification of existing infections as well as helping to block future ones from occurring in the first place.

The WannaCry ransomware outbreak serves as an important reminder that no organization is safe from the risk of a cyber-attack. Its massive success also reminds us that despite our most valiant efforts, preventing such an attack is simply not always possible. As such, having the right orchestration and automation platform in place to quickly pinpoint, isolate and eradicate the problem is key.

Want to give your enterprise this added level of protection? Launch your free trial of eyeShare today.

eBook: 5 Reasons You Should Automate Cyber Security Incident Response

5 Common Insider Threats and How to Manage Them

5 Common Insider Threats and How to Manage ThemWhen we talk about security threats to the enterprise, the focus often centers on hackers and other external parties. In reality, the biggest danger to most organizations is the very users who work within. In fact, according to Gartner, more than 70% of unauthorized access to sensitive data is committed by a company’s own employees. The good news is enough research has been done to identify the five most common insider threats and, more importantly, what your organization can do to prevent and protect against them. Let’s take a look.

Problem: Sensitive Data Sharing via Email or IM

Along with the convenience of quick and/or instant electronic communications also comes the greater risk of confidential information being shared via one of these tools, like email or instant messaging. Thankfully, this is one of the easiest insider threats to manage and control.

Solution: Encrypt, Analyze and Filter

The easiest way to prevent sensitive data from being shared electronically is to ensure that all messages and the content contained within (including attachments) are properly encrypted. Additionally, you can set up a network analyzer and content filtering which will help to automatically identify and block any classified information from going out. Lastly, outsourced or perimeter-based messaging solutions often provide easy to manage content filtering and blocking, so know and take advantage of what’s available to you.

Problem: Remote Access Exploitation

One of the greatest benefits of today’s technology is the flexibility it affords to be able to access networks and internal systems from anywhere. Unfortunately, this same advancement can also prevent a whole new set of risks to the integrity and security of sensitive data. The ability to access information from off-site via remote access software like Citrix and GoToMyPC can make it easier and more tempting to steal and compromise that data. Furthermore, inadequately protected remote devices could end up in the wrong hands if they become lost or stolen.

Solution: Establish Stronger Remote Work Guidelines

Controlling who can access and share files and keeping a close watch on OS and application logins is critical. Implementing tighter security controls, particularly those systems that are most sensitive and therefore pose the greatest risk can provide a much greater degree of protection. Likewise, monitoring and limiting employee usage through logs and audit trails will also add another layer of security. Finally, establishing stronger password requirements, using multi-factor authentication and enabling screen saver timeouts can prevent unauthorized access issues.

Problem: Peer-to-Peer File Sharing

P2P sharing software is a great tool for fostering collaboration and improving efficiency amongst employees, but these platforms also pose a significant security risk. All it takes is one ill-intentioned individual to misconfigure the software and suddenly your internal network and drives are available for anyone to access.

Solution: Implement More Stringent P2P Policies

The best way to prevent against P2P software vulnerabilities is to not allow it within your organization. Implementing a network analyzer and routinely performing firewall audits will further strengthen your defense. For optimum protection, a P2P firewall is recommended. If you do happen to allow P2P software, a perimeter-based content monitoring solution can help keep sensitive information secure.

Problem: Insecure Wireless Network Usage

Accessing confidential data via unsecured wireless networks can potentially place your organization at risk, even if that insider threat is unintentional. If your employees work remotely and use WiFi or Bluetooth connections, all it takes is one breach of a file transfer or email communication for your valuable data to be compromised.

Solution: Provide a Safer Alternative

Rather than allowing employees to utilize airwaves that are not adequately secure, providing your WiFi users with a secure wireless hotspot is the ideal solution. Use a VPN  for remote connectivity and implement a personal firewall for an added layer of protection. Don’t forget internal wireless networks, either. Always use encryption, authentication and logging. If Bluetooth is not necessary, disable it or, at the very least, make your devices undiscoverable.

Problem: Participating in Discussions on External Boards or Blogs

Whether it’s posting a question on a message board for support purposes or commenting on a thought-provoking blog, employees could inadvertently put your sensitive information at risk without even realizing it.

Solution: Filter and monitor.

Filtering content at the network perimeter is the most effective way to identify and block sensitive data from being shared externally. Of course, as with everything else, there’s always a chance that encrypted transmissions could be missed and may end up on such sites. For best results, setting up a notification system, such as Google Alerts, which will let you know any time certain keywords (specified by you) are used on the web.

Ultimately, managing insider threats should be an important component of your overall cyber security incident response strategy. Implementing tools like automation can help further identify, address and remediate security incidents – including those caused by internal parties – so that damages can be mitigated.

Is your defense strong enough to keep sensitive data safe? Start your free trial of eyeShare today.

eBook: 5 Reasons You Should Automate Cyber Security Incident Response

Not Enough Personnel to Handle Cyber Security Alerts? No Problem.

Not Enough Personnel to Handle Cyber Security Alerts? No Problem.As security breaches continue to plague companies across the globe, it’s becoming increasingly evident that developing and launching a dedicated cyber security incident response strategy is vital. But what happens if you’re working with a tight budget and simply cannot afford to gather a group of top IT talent to handle your incident response needs? Does that mean you’ll just be left to fend for yourself, assuming unlimited risk of cyber-attacks? The good news is no. Here’s why.

IT process automation can provide the ideal solution for organizations of every size and industry, whether it’s a smaller operation or an enterprise level firm. After all, budgetary restrictions affect businesses in every class. Rather than bringing in more IT professionals to handle incoming alerts and manage the response process, these companies can instead rely on technology to help close the gap while they remain a step ahead of potential security breaches.

What an automated incident response playbook does is it detects alerts as soon as they occur. These notifications may be nothing to be concerned about, but they may be indicators that someone unauthorized to do so is trying to access sensitive data. As the world learned from the Target debacle of a few years ago, and countless others since then, failure to adequately stay on top of these incidents can cause catastrophic problems for the company. Sadly, most of the victims we read about in the news simply didn’t have the resources in place to weed through every incoming alert and determine whether they were actual cyber security threats that required attention.

Had these organizations employed the use of automation, either solely or in conjunction with other existing monitoring platforms, the breaches that have cost millions of customers their personal information could have been avoided. It’s not that they needed more hands on deck. It’s that if they had the right tools in place when the initial incident occurred, their existing IT personnel would have been notified and action could have been taken immediately.

With a sophisticated automation product, the entire incident response process can be run smoothly and effectively. The moment a cyber security threat is made, it is detected by the system and evaluated for legitimacy and severity. Actual incidents are then prioritized and the appropriate steps are taken to address the situation. This may be completely automated, or it may trigger the need for human input. In the latter case, the appropriate party will be notified and the system will wait for instruction on how to proceed. With a quality automated incident response solution, this can be done from anywhere through remote capability.

There are a lot of options when it comes to building an incident response playbook. They can be developed based on real-life use cases to make them more effective in detecting and resolving incidents in a timely manner. Furthermore, this type of automation tool can be fully integrated with existing threat and vulnerability detection systems to create a more robust and solid cyber security strategy. With the right system in place, incident response time can be reduced from hours to mere minutes.

There’s no question that organizations across the world are facing increasing need to beef up their cyber security plans and improve their incident response processes. With automation, the need to take on more staff at a much higher expenditure is no longer necessary. Instead, technology can be seamlessly implemented to create a more efficient and highly effective process, giving your organization greater protection against future cyber threats.

Is your business as safe as it should be? Download a free 30 day trial today to experience how automation can help.

eBook: 5 Reasons You Should Automate Cyber Security Incident Response

The Best Way to Manage Your Company’s Cyber Security

The Best Way to Manage Your Company’s Cyber SecurityA few years ago, The Wall Street Journal estimated that cyber-crime was responsible for nearly $100 billion in losses in the US alone. This amount has been widely disputed and is believed by many to be much higher. Meanwhile, British insurance company Lloyd’s estimated that cyber-attacks cost companies in the UK up to $400 billion every year. This damage includes the direct impact of a cyber security breach as well as the post-attack disruption it causes.

And it’s only going to get worse. In addition to cyber-crime costs quadrupling from 2013 to 2015, Juniper research predicts that those costs will increase to $.2.1 trillion globally by the year 2019.

Cyber-crime is something every business in every country on every continent in the world must be mindful of. According to Ginni Rometty, the Chairman, CEO and President of IBM Corp., these types of attacks could very well be the greatest threat businesses have ever seen.

So, what can you do to protect your organization? What will it take to ensure that your business doesn’t become a part of the alarming statistics listed above? Well, it starts with creating a comprehensive cyber security incident response strategy – that is, a formal plan for proactively defending against incoming attacks that also includes a documented course of action for addressing and remediating incidents in as timely and effective a manner as possible.

That being said, here are five key steps to actively managing your company’s cyber security.

Establish ground rules.

First and foremost, make cyber security a priority and make it clear that protecting the assets of the company is everyone’s job. Establish policies and procedures, communicate them clearly and regularly and enforce them as needed. For instance, develop, institute and enforce a policy that requires all network users to create and use strong passwords. Post banners that remind users of their responsibilities and restrictions regarding the security of company data.

Get the right team in place.

Today’s cyber-attackers are as savvy and sly as they’ve ever been. They are constantly working to identify new vulnerabilities that they can exploit. In order to combat these sophisticated criminals, you must assemble a team that is dedicated to developing, implementing and managing your organization’s cyber security incident response strategy. It cannot be an afterthought or a side-venture. The team should be well-trained and provided with all the tools, technology and support they need to effectively prevent, monitor, assess, respond to and recover from any security incidents.


It’s been said that the best defense is a good offense, and perhaps in no arena is this more accurate than in cyber security. Being proactive about how you approach your company’s security can mean the difference between an attempted attack and a successful (and costly) breach. Make sure that you have invested in quality monitoring systems, including a combination of technology and skilled security professionals. The ability to quickly pinpoint a potential threat and assess it immediately, before it has the opportunity to wreak havoc will greatly improve your odds of keeping sensitive data safe from harm.


The types of cyber-crimes being perpetrated today are far more complex than ever before. Additionally, criminals are using advanced technology to launch relentless attacks at an almost mind boggling rate. The only sure way to fortify your organization’s defense against these ferocious onslaughts is to leverage that same technology to your own advantage. This comes in the form of automation, which provides a round-the-clock virtual army of defenders that stand at the ready to help identify, assess, verify, prioritize, notify and take action against any legitimate incidents. This instant and effective process can dramatically reduce the impact of a threat and significantly mitigate damages – all without the need for human intervention.

Be proactive about the future.

Last, but most certainly not least, it’s just as important to plan ahead as it is to be prepared in the here and now. A solid cyber security incident response strategy should also account for future attacks to further secure and fortify your defense. This can be accomplished by using the documentation from past incidents and determining best practices for future events. It should also involve regular testing and verification of existing systems, applications and security measures to identify weaknesses so that they can be adequately addressed before they become a liability.

Is your cyber security strategy strong enough to prevent your organization from becoming the next victim of a savvy online criminal? Can your company afford such a devastating blow? The time to take action and safeguard your assets is now.
Get started today by downloading a free 30 day trial of eyeShare.

IT Process Automation Survival Guide

Ayehu Launches Integration with Intel’s McAfee to Accelerate Cyber Security Incident Response

Ayehu Launches Integration with Intel’s McAfee to Accelerate Cyber Security Incident ResponseIntel Security Innovation Alliance Partner, Ayehu, Reduces Breach Impact through Seamless Integration Resulting in Faster Response Times

Ayehu Software Technologies Ltd., leading provider of enterprise-grade IT process and cyber security automation software solutions, today announced that as a member of the Intel Security Innovation Alliance™ (SIA) partner program, it has launched an integration pack with McAfee’s Enterprise Security Manager™.  Ayehu’s integrated eyeShare solution is currently available, and listed on the Intel Security Innovation Alliance Partner Directory.

“A key goal behind the Intel Security Innovation Alliance program is to accelerate the development of interoperable security products and simplify the integration of those products with complex customer environments,” said D.J. Long, Head of the Security Innovation Alliance at Intel Security.  “We’re thrilled to see Ayehu leverage Intel Security’s investment in its security risk management platform and extend this value to Ayehu customers.”

The integration of Ayehu’s eyeShare™ with McAfee’s Enterprise Security Manager™, enables customers to easily automate and streamline security policy tasks (playbooks) such as incident response, resulting in immediate and reliable defense against detected threats.

With Ayehu eyeShare in Intel Security’s solution stack, enterprises have access to a leading IT process automation platform that accelerates cyber security incident response and resolution while improving security operations efficiency.

Benefits of cyber security automation include:

  • Threats captured the moment they appear on SIEM
  • Accelerated security response and automatically triggered pre-defined playbook help contain threats before they impact the business
  • Reduced manual and time-consuming security procedures with a digital, closed-loop process
  • Forensics and enriched data provide insight and stronger decision making
  • Maintaining audit compliance through documented processes

“We are continually expanding our integrations with industry leaders like Intel McAfee, as these partnerships allow us to further extend the significant benefits of our IT process and cyber security automation technology,” said Gabby Nizri, Co-Founder and CEO of Ayehu, Inc.  “Our expertise in remediating IT incidents brings McAfee ESM customers a powerful yet simple to use solution for effectively handling the increasing cyber security threats.”

For more information on automating cyber security incident response, download Ayehu’s eBook.

About Ayehu
Ayehu provides IT Process Automation solutions for IT and Security professionals to identify and resolve critical incidents and enable rapid containment, eradication and recovery from cyber security breaches.  Ayehu provides customers greater control over IT infrastructure through automation. Ayehu solutions have been deployed by major enterprises worldwide, and currently support thousands of IT processes across the globe.  The company has offices in New York and Tel Aviv, Israel.  For more information please visit

About The Intel Security Innovation Alliance
The Intel Security Innovation Alliance is the foundation of a technology ecosystem designed to assemble the world’s leading security innovations. Working together, Intel Security and its partners deliver solutions more comprehensive than those available from any single vendor. By implementing products designated as McAfee Compatible, mutual customers enjoy faster time to deployment; lower total cost of ownership; and makes security risk management projects more efficient and effective.

eBook: 5 Reasons You Should Automate Cyber Security Incident Response