Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.
In a world of increasingly complex threats, automation has emerged as a key technology helping security teams keep up with malicious actors. In fact, a survey found that 76% of IT executives report automation and artificial intelligence (AI) have maximized the efficiency of security staff.
Automating enough to give security teams everything they need to respond to threats and vulnerabilities effectively with minimal manual administration, can inadvertently increase complexity in the environment if not careful.
In an exclusive interview with VentureBeat, Jay Prassl, founder and CEO of cloud-native ITops platform Automox, detailed how organizations can bridge the gap between ITops today and move toward the promised land of NoOps and why the transition needs to start now.
VentureBeat: What is NoOps and is it realistic or attainable for enterprises?
MetaBeat will bring together thought leaders to give guidance on how metaverse technology will transform the way all industries communicate and do business on October 4 in San Francisco, CA.
Jay Prassl: For years, we’ve heard about the advent of NoOps, a vision of IT Operations where everything is automated and runs on autopilot. It’s the right direction to go in, but we are still a way off.
What is attainable is “automated control”- automating tasks that make sense to automate, while still leaving room for IT to be involved in the process to deal with edge-case scenarios.
With automated control, you’re looking at a situation where the overall workload for the IT operator goes down and the overall efficiency of their work and the output goes up.
The reality is, just because something can be automated, it doesn’t mean it should be. There are a lot of algorithms in the security sphere that help shorten the learning curve of where to apply resources, but none of these algorithms exist for the IT Operator.
The real goal is to provide pathways in which the human can move from the critical path — what I like to call “In the loop” — to a position of being “on the loop.”
You can think of “on the loop” as controlling the work and allocating resources, rather than having to triage vulnerability risk against the time slot that is available.
VentureBeat: Why do enterprises need to work toward NoOps?
Jay Prassl: IT Operations, as it stands in the 2020s, can be soul-crushing, repetitive work. With the rise of outages, cyber-attacks and ever-growing complexity from hybrid/remote work, IT workers have never had so much with such limited resources. At the same time, we are seeing skills gaps and staffing shortages like never before.
We hear about how automation will transform the future for every type of worker — from clerks to warehouse workers — but IT operators need this to happen yesterday, not in a far imagined future. So, while true NoOps isn’t around the corner, we can move in that direction with automated control.
Achieving automated control is an important step toward developing the confidence that a platform can achieve and deliver a true NoOps experience to the IT Operator.
VentureBeat: How can CIOS and security leaders bridge the gap from ITops to NoOps?
Jay Prassl: CIOS and the full c-suite need to take a hard look at their technology investments and the human impact.
Adding a ton [of] additional functionality is great, but what if that added functionality makes another job set much harder? You have to consider the total impact on the technology stack and the professionals who are responsible for maintaining it.
An audit of existing automation capabilities is a good first step to bridging the gap between today’s ITops and the future of NoOps.
It’s useful to think of this in real terms — consider the impact of log4j on real ITops and secops (security ops) teams earlier this year. Suddenly, teams had to think about every endpoint that Log4j might have been on and manually patch each one.
What if there had been automation in place to make that process even marginally easier? What if you could run just one report and automation took care of everything else? That’s not NoOps yet, because humans still need to make the decisions. But it is getting closer to moving humans from “in the loop” to on it.
VentureBeat: How can enterprises draw the line between automating everything and automating the right things?
Jay Prassl: Automox’s approach automates the right things while still emphasizing the human element so that there is transparency and action possible at every step in the process.
Teams see the true value of automation when they know and have visibility into what’s happening. Once you create this confidence, it then becomes naturally easier to enact automation across a broader set of responsibilities.
Automated control makes it possible for ITops teams to do their jobs more quickly, easily and with peace of mind so they can step away from the night or go on vacation and not have to remain on-call for any urgent issue.
IT teams deserve better than what they are being given today.
VentureBeat: What role does automation play in augmenting the capabilities of human staff and security analysts?
Jay Prassl: I’ve touched on this a bit already, but it’s really all about speed, efficiency and lowering stress levels. I don’t think the industry thinks enough about how stressful these ITops jobs can be and how much quality of life improvements can add up to greater productivity and satisfaction gains.
VentureBeat: How do you see the NoOps movement evolving throughout the next 5 years?
Jay Prassl: I think that we will make very big strides in the coming years and I believe that data and operational insights will be the fuel that drives the acceleration.
I think we’ll see more platforms and solutions that empower ITops teams and deliver the confidence and action needed to improve the current situation. I
TOps is at the heart of every company today. Equipping IT operators with modern automation tooling not only enables greater output and efficiency, but it also makes being an IT operator more enjoyable. This creates a virtuous cycle for both employer and employee.
Our IT and security teams deserve to have the trust and confidence to go on vacation or to log off for the night. And I do think we’ll get there much sooner than you think.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.