In a “do more with less” business environment, robotic process automation (aka RPA, aka “automation”, aka “bots”) is gaining traction. With human performance optimization and digital transformations well established in the public and private sectors, some of today’s biggest advancements in time-, money- and effort-saving can be made with automation.
The good news is that a “mechanized’ operation has the power to deliver significant and rapid reductions in effort while increasing accuracy and efficiency. The bad news is that you cannot automate everything. So how do you know when it is time to call a human and when is it time to employ an automated solution into your cybersecurity efforts?
When it comes to the vulnerability of government systems, you do not want to risk a thing. Automation is at its best when addressing rules-based, repetitive, labor-intensive (and, often, soul crushing) processes. In the quadrant below, you see four key areas of vulnerability and how they are best addressed:
In short, as with all modern technology, when software can perform better than humans, that’s a good time for automation. And with the number of threats government systems face each day—and the complexity of complying with regulations—it is impossible to competently address all the many types of threats manually. Automation is a necessary and extremely valuable way of getting big chunks of the job done.
Looking at the STIG/CIS quadrant, this is the area of vulnerability that employs the most humans—expensive, specialized labor working on repetitive, dense work. In fact, it often eats as much as 70% of a cybersecurity budget in the government sector. But because there are rules and structure around this work it makes a great candidate for automation.
SteelCloud’s ConfigOS automates the process of STIG compliance, boiling down days and weeks of manual work to an hour. In one example, ConfigOS reduced a 16-hour scanning and remediation effort to one hour per software implementation…and there were 2500 implementations. This resulted in a 94% decrease in time spent. Moreover, it avoids labor costs of approximately $3M per year. The STIG specialists that no longer need to manually bring systems into compliance can now be used to assess risks and patch issues—two areas that can frequently be understaffed in the vulnerability area.
So, when determining where and what to automate, consider the process itself. If it is a manually intensive, predictable process, automate it and reassign your people to another vulnerability area. Cybersecurity threats just get more and more sophisticated. Your response to them needs to be sophisticated, too. Bots really can be better than humans.
About the author:
Brian Hajost, President & CEO
Brian Hajost is the President & CEO of SteelCloud. Brian transformed SteelCloud into a recognized pioneer in delivering new technologies that allow government customers and commercial enterprises to effectively meet the compliance mandates of RMF, NIST 800-53, NIST 800-171, CMMC, and IRS Pub 1075. Brian is a 30-year veteran of the hardware/software industry with extensive experience focusing on government and federal integration, financial and the securities, and mobility markets. You can reach him at bhajost@steelcloud.com.
Input your search keywords and press Enter.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |