New Year, New CISO (AGAIN!)!

Most people think of Robotic Process Automation (RPA) as a tool that does a single thing, automating what occurs between any two points within a process or supply chain. While this is mostly true, it is only half of the story. RPA automates an action, but it also automates, collects, and generates data that can be of even greater value than the automated action itself.  A fair working assumption is that the greater the complexity of a process or supply chain (and the greater number of RPA points) the greater the value of the data generated by the RPA effort. This is genuinely nerdy. Hold on though, it will make perfect sense and be more interesting than it might first seem.

Organizational Complexity and RPA

Consider a large manufacturing company’s supply chain, in which there are dozens of organizations delivering the products or materials created. There can be dozens of additional partner companies in the supply chain as well, not to mention associated third  party service companies (shipping, receiving, distribution). The entire process can be quite complex, particularly when one considers horizontal or vertical integration points, or even both. That last level of complexity will give you gray hair almost immediately.

If you automate the handoffs within and between various companies and business units, you can create a map of real-time movement within the supply chain. This resembles the Digital Twinning being discussed in technology circles today, though RPA can generate real-time observability of what you did not know could be seen between systems. In other words, RPA creates an opportunity to learn what you could otherwise never know and help you identify opportunities for continuous improvement.

Using RPA Data to Uncover Business Opportunities

For example, you may see that a dozen grouped RPA robots regularly go idle from 8:00 pm Wednesday to 8am Thursday. The managed RPA data shows exactly where the inputs were missing; upon investigation you discover that one supply chain provider stopped its output at that time for retooling, upgrades, or factory line switching – despite contractual arrangements otherwise. Short of a wildly expensive and years-long multi-company ERP implementation (don’t get me started) there is no other way to gather and act on these occurrences until long after they happen.

An experienced business executive knows these sorts of things can happen every single day, requiring fast resolution. Managed RPA data can help you find these outliers faster and in real time. While I used a manufacturing example, RPA data can be just as impactful for generating actionable data across such industries and functions as services, logistics, retail, healthcare, finance, or advanced technology.

These are not small discoveries, 20% of your output being impacted in one day can be the difference between hitting a delivery date or missing it, between getting repeat business or not, or winning or losing a client. In our hyper-competitive areas, these lapses can have serious consequences.

RPA Data Is an Added Bonus

Remember, RPA can pay for itself in savings and efficiency gains through automating actions alone, so these real-time data outputs are icing on the cake – they are bonus value-adds generated by RPA teams that have a deep understanding of business. A smart company takes advantage of that data and genuinely appreciates the heads-up.

One client I worked with so appreciated the data generated that they named the collected RPA points as “Robby the robot,” and would send out emails that said, “Robby sent a note, somethings going on at X.” usually followed by someone saying, “Thanks Robby!” or “Robby Rocks!” It is why so many companies create cute robot icons for their RPA integrations in genuine appreciation for the unexpected value they can add if effectively managed, monitored, and observed.

At this point, I am seriously considering creating and selling T shirts with a cute RPA robot that says, “Danger Will Robinson!” directed at value-added RPA data. However, I am a bit concerned that will get me sued, or even worse it might give away my age.

Private Equity Firms and Corporate Boards have a decision to make. With increased cyber-attacks happening globally, which will only increase with AI-driven hacking, Boards have to change their stance regarding the security and risk of the companies they manage.

Current board governance protocols are not keeping up with accelerating levels of risk.  Ransomware, hacking, and data exfiltration are increasing despite current oversight. The costs of cyber insurance are skyrocketing, and, as the effects of a breach today are more impactful than ever, your cyber insurance company may not cover all monetary damages. This is particularly true because insurance companies are aggressively auditing claims in an effort to uncover a lack of controls or whether controls or processes were not faithfully followed.

Why?

Enter Drift. Drift is the gradual shift or deterioration of an environment from the original configuration that happens over time, is generally ad hoc, and is not recorded.

Myth:  The current audit committee standard of an auditor following a checklist of security software solutions, penetration testing, and end-point protection will keep you safe.

Fact:  If you examine recent high-profile cyber incidents, you come away with one inescapable conclusion. In each instance where an employee clicked a link or bypassed a step, the core protections that were audited and expected to mitigate the occurrence downstream either failed or simply weren’t there any longer, despite the original security setup being well-designed, well-intentioned, and complete.

These recent attacks all occurred at companies that are very good at what they do, and their IT teams are top-notch. However, building security up by layers, even if done correctly, does little good if base-level foundational controls are not present or become by-passable over time. It is a dirty little secret that one employee looking for an easier way to do something can lead to a change that creates a previously non-existent security problem. Over time these shortcuts and bypasses are almost inevitable, absent herculean efforts otherwise.

What is the solution?

Foundational Oversight. It is an ON-GOING and highly disciplined continuous improvement process. It is not hard, but it does require focus and accountability. Foundational Oversight has 4 activities that boards need to adopt and champion:

1) A thorough third-party assessment of the security setup at the companies they manage. An outside team needs to review the base configurations of your technology, Active Directory, permission controls, and service accounts; conduct data valuation and protect surface exercises and more. This is a ground-up re-examination of what was built and why, and what changes or exceptions have been built into the core of your infrastructure and connectivity over time.

2) A Security Improvement Plan (SIP)built, updated, and maintained by a 3rd party, that lays out the core, secondary, and tertiary improvements needed to lower your company’s risk.

3) Training protocols review and improvement. This is another area that, while it may be done, and done reasonably well, a wholesale review of what is needed (and what is unnecessary) should be a regular event.

4) A review and reaffirmation of Business Continuity Plans (BCP). With attacks happening more often, the assumption is now that a company will be attacked, and a Business Continuity plan must be developed and tested that can survive an attack– not just an outage. Make no mistake here, this step has to be refreshed regularly as technology stacks and configurations change constantly (see our comments about drift above!!). If it has been more than a year since development and testing of your full BCP, you are not in any way secure.

As a side note, a BCP has to contain two elements:  1) Recovery and 2) interim operations management processes (e.g., the work-arounds you will use while you are fighting the attack and recovering). That last one is almost always missed or given little attention, but it can be just as critical to saving your client base as the recovery itself. Your clients (and your sales teams) will thank you.

Foundational Oversight is not a one-and-done solution, but an annual set of events that needs to be continued and maintained over the life of the business, with each of the four steps being reexamined and renewed each year. Again, an outside company managing and monitoring these efforts on behalf of the board is critical.

PE Firms and Boards (and their CEOs as well) are the ones taking-on the risks of the companies they manage and maintain.  It is up to them to put these foundational oversight steps in place on behalf of themselves and their shareholders.

The landscape of cybersecurity is constantly evolving, presenting new challenges and risks. With advancements in technology, the emergence of artificial intelligence (AI) and automation has significantly transformed the cybersecurity landscape. This blog post featuring Altiam Digital CEO and cybersecurity expert Wayne White sheds light on the biggest cybersecurity risk of the moment and its implications.

Understanding the Biggest Cybersecurity Risk

“I have been asked the question: "What is the biggest cybersecurity risk at this moment?" I have to identify AI, machine learning (ML), and automation as the foremost risks. The integration of AI and automation has brought about revolutionary changes, but it has also introduced new vulnerabilities that cyber threat actors can exploit.”

Zero Day Exploits and AI-Enabled Automation

One very significant risk is posed by zero-day exploits. These exploits occur when cyber threat actors leverage newly discovered vulnerabilities in software or systems before the developers can patch them. The speed at which these exploits can be identified and exploited has been accelerated by AI-enabled automation. The race between security researchers, software developers, and cyber threat actors has been intensified due to the proliferation of advanced automation tools.

Hyper Automation and Its Implications

With the advent of hyper automation, tasks can be executed at an unprecedented speed and scale, surpassing what humans can achieve unaided. This has empowered cyber threat actors with the ability to leverage AI and automation to identify and exploit vulnerabilities at an alarming rate. The shift from manual testing to basic scripts and subsequently to AI-enabled automation has enabled cyber threat actors to perform their malicious activities at a scale and efficiency previously unattainable.

The Inevitability of Cyberattacks

White astutely emphasizes the inevitability of cyber attacks. He advocates for a proactive approach, urging organizations to prepare for potential cyber incidents and their aftermath. In the era of AI-enabled automation, this proactive stance becomes more critical than ever. Organizations must not only focus on preventing breaches but also be effectively mitigate and address the impacts of cyber incidents.

The Need for Enhanced Cybersecurity Strategies

In response to the escalating cybersecurity risks posed by AI-enabled automation, organizations must reevaluate and reinforce their cybersecurity strategies. This entails a multifaceted approach, encompassing the deployment of advanced threat detection technologies, robust incident response plans, and the cultivation of a cybersecurity-aware culture within the organization. Moreover, collaboration with cybersecurity experts and staying abreast of the latest developments in the cybersecurity landscape is imperative for fortifying defenses against emerging threats.

The integration of AI and automation in cybersecurity has undoubtedly introduced groundbreaking capabilities, but it has also unleashed unprecedented risks. As cyber threat actors harness the power of AI-enabled automation to expedite the identification of zero-day exploits, organizations must acknowledge the inevitability of cyberattacks and bolster their cybersecurity posture accordingly. By embracing advanced cybersecurity measures and a proactive mindset, organizations can navigate the evolving landscape of cybersecurity and mitigate the impacts of AI-enabled cyber threats. Ultimately, the collision of AI and automation with cybersecurity presents both opportunities and challenges, necessitating a comprehensive and adaptive approach to safeguarding digital assets and sensitive information in an era characterized by rapid technological advancement.

Learn more about strengthening your security stance in the face of growing cybersecurity risks.