This post was previously published on The New Stack.
Automation is like running a marathon. It sounds like a great and noble pursuit until you actually go out and start pursuing it. At that point, it’s easy to fail if you don’t prepare yourself ahead of time for the challenges that are inherent to the process.
Indeed, although automation can provide a number of awesome benefits, whether you actually reap those benefits depends on how easy it is to implement and manage automation tools. And, as many teams discover, doing these things may be harder than it often seems.
That’s why it’s critical to take a balanced approach to automation by being strategic about what and how you automate. Keep reading for a discussion on what to consider before developing an automation strategy for your team or business.
The Pitfalls of Automation
If you work in IT or security, you probably don’t need to be reminded about why automation is theoretically useful. You already know about automation’s theoretical benefits: It can save time, reduce toil, reduce errors and so on.
What’s easier to overlook, however, are the potential pitfalls of automation. If your organization isn’t actually ready for automation, or the automation tools you choose are not a good fit for your organization, automation can do more harm than good.
Specifically, automation may lead to problems like:
- Slower tool deployment because your team struggles to manage the complex configurations required to implement automated workflows.
- High rates of false positives and negatives because your automation tools are not configured properly for your environment.
- Dependency on key employees to manage automation tools because only those employees know how the tools work or have the skill sets to support them.
- Half-baked automations where some parts of your workflows are automated but others are still manual, and no one is sure which is which.
- The automation of poor processes, which results in problematic processes being performed faster. It would be better to step back and redesign a flawed process than apply automation to it.
To avoid these pitfalls, you need to take a measured and systematic approach to automation. Rather than jumping head-first into automation tooling without having a plan about how to deploy or manage it, ask yourself these questions.
1. What Will You Automate?
Although it’s tempting to imagine that you’ll automate everything, almost no one does that. There will always be some processes that you operate manually, either because you lack tools to automate them, or they don’t occur frequently enough to benefit from automation.
So, sit down ahead of time and identify the specific processes you plan to automate. Make your choices based on how much benefit you’ll gain by automating each process, as well as how easy it will be to automate it.
Keep in mind, too, that some processes should be only partly automated. For instance, maybe you need to grant just-in-time access to a user. Elements of the process like identifying the user and confirming current access rights can be automated. But confirming whether that access is warranted can be left to a human.
2. Who Are the Automation Stakeholders?
Deploying automations can change the way a number of teams or individuals work. You should identify who those people are and how automation will affect them.
If you deploy security automations, for example, not only your security teams will be impacted. Network engineers, developers, IT engineers and so on also may be affected.
Make sure you have plans in place to communicate to all stakeholders how automation will affect them and how they need to update their workflows as a result.
3. Who ‘Owns’ Automations?
Along similar lines, it’s important to determine who is responsible for maintaining automations and dealing with any unintended consequences of them.
Who will ensure that automation tools are updated to support a new type of resource? Who will document how the automation tools are deployed and configured? Who will be held responsible if an automation tool generates a false negative and you miss a risk as a result?
If you don’t have clear answers to these questions, you run the risk that your automations won’t be properly maintained, and that they’ll create chaos within your organization.
4. Why Are You Automating?
Your rationale for adopting automations should never boil down to “because automation is good.” Instead, be specific in determining the outcomes you hope to achieve.
Are you automating in order to speed up workflows? To reduce toil? To do more with fewer engineers?
By answering these questions, you ensure that you can accurately assess the impact and return on investment of your automation initiatives. Otherwise, you are left in the position of having a vague automation agenda and a low ability to justify your automation investments.
5. Do You Have the Skills to Automate?
Last, but certainly not least, it’s absolutely critical to ensure that your teams have the skills necessary to deploy and maintain automation tools.
This is vitally important because some automation tools are much harder to configure than others, no matter how easy they are to use once set up. A SOAR, for example, is great if it’s carefully tailored for your environment, but configuring it may require writing a lot of custom code and policies – processes that could be out of your reach if you don’t have skilled security engineers and developers at your disposal. On the other hand, security tools like Torq, which is designed to be easy enough so that even non-technical users can create security automations, require fewer skills to deploy effectively.
The point here is that you need to take a close look at your organization’s skill sets, as well as the automation tools you plan to use and make sure they are in alignment before you commit to automation.
Automation is great, but only when you wield it wisely. Instead of automating just to automate, be sure you have a purpose, a plan and automation tools aligned with them to maximize your chances of automation success.