Federal agencies are focusing on ways they can leverage new technologies, such as automation, to improve IT service management and streamline cybersecurity processes, as they work to keep up with a threat landscape that changes constantly.
ServiceNow’s chief technology officer for the public sector and former agency CIO, Bob Osborn, said that ServiceNow is integrating artificial intelligence capabilities into its platform so that agencies can use the newest automation technologies as they become available.
“Finally we have platform technology available that allows them (agencies) to keep up with current technology,” Osborn said in an interview with MeriTalk at the ServiceNow NowForum on Oct. 10.
Osborn said that when he was a deputy CIO at the National Renewable Energy Laboratory, the agency was interested in moving to the cloud. One of the primary motivators was speed–it was usually a three-year process to acquire, test, and integrate new technologies. Tools were out of date by the time they were installed, which is particularly challenging when you consider cybersecurity.
ServiceNow integrates AI capabilities into its cloud-based platform and implements continuous updates–overcoming the usual innovation lag time.
The platform uses supervised machine learning, anomaly detection, peer benchmarks, and performance forecasting, and can recognize patterns to predict and solve IT service incidents before they occur. Seventy-one percent of the incidents are correctly assigned, which is on par with the capabilities of an employee doing the same work. This saves approximately 26,000 hours of work, according to Brian Crosby, enterprise services architect for ServiceNow.
According to Sean Convery, vice president and general manager of the Security Business Unit, automation frees up time for IT professionals to focus on new innovations—enabling them to spend their time on what really matters.
Additionally, Convery said that he’s seen a shift in attitude about cybersecurity.
“Most of the security industry has been behaving like just around the corner we can stop all the bad guys,” Convery said.
Convery said that unfortunately this notion is untrue and that enterprises are starting to recognize the reality.
Cybersecurity process automation could make a significant impact–addressing issues including the cyber workforce shortage, for example.
When it comes to automating information security processes, even small investments in specific areas of security can lead to big improvements.
“Incremental increases is where you’re going to get big returns,” said Paul Morris, acting CISO and acting director of the Information Assurance and Cybersecurity Division of the Transportation Security Administration, in February. “You have to start in some part of your network, some part of your security stack, and then how do you expand?”
Convery said that agencies can start just about anywhere, but the best way to get the most reward is to have a vision for where the agency wants to go and build a road map to achieve those goals.
Morris said that his goal is to use automation to take over the manual aspects of security so that human employees can devote their time to doing more complex work.
“I want my analysts spending 80 percent of their time thinking, not sitting there doing manual tasks,” Morris said.