Actionable Intelligence Meets Organized Action and Automation
- Hugh Wilcox
- 5 years ago
Transcription
1 Actionable Meets Organized Action and Coordinated Human Action Actionable Aleem Cummins, SplunkTrust Member, Splunk CISO Customer Advisory Board Member
2 THE DISRUPTOR
3 Coordinated Human Action Actionable
4 WHY WHO HOW WHAT WHEN DIGITAL DISRUPTION
5 Data without Actionable
6 Gaining Actionable > Gaps/Challenges Security IT Operations Service Management DevOps Expertise Time Governance Infra Access Complexity Partial Data Ticket Management Resource Priority Speed / Confidence Inconsistency SOP Support
7 Consume Any Data Have Many Lenses
8 Actionable Prescription Coordinated Human Action Business Outcomes Make it about business outcomes Strategy Align to existing business strategies Actionable Value Create validated use cases with business sponsorship - Measure improvements Expectation vs Reality Kick
9 Coordinated Human Action Actionable
10 Actionable without Coordinated Action
11 Taking Action > Gaps/Challenges Security IT Operations Service Management DevOps Speed Triage Knowledge Environment Configuration Scale Availability Visibility Orchestration Resource Manual CSI Non-Linear Testing
12 Inaction Manual Automated Assisted People Time Systems Costs Risk Customer Experience
13 Action Prescription Impact Front Line over SME Coordinated Human Action Future Consider costs, scale and agility. Create models Communication Share success, be transparent, share updates and foster collaboration Actionable
14 Coordinated Human Action Actionable
15 Coordinated Human Action without Action without
16 Models vs Reality
17 Using > Gaps/Challenges Security IT Operations Service Management DevOps Speed Triage Knowledge Environment Configuration Scale Availability Visibility Orchestration Resource Manual CSI Non-Linear Testing
18 Intelligent Human-Guided Coordinated Human Action Manual Assisted Actionable Closed Loop
19 Maturity Model Intelligent Resolution Process Optimization Process Improvement Service Resolution Human-Guided Reduce Resolution Time/Effort Traditional Validation & Basic Resolution Correlation & Noise Reduction Incident & Alert Consolidation Reducing Incident Volume
20 Intelligent Human-Guided Coordinated Human Action Manual Assisted Actionable Closed Loop
21 Splunk + Resolve Validation & Diagnostics Minimize incident volume by proactively verifying and remediating events Level 1 Agent or Engineer Interactive Process Guidance with Human-Guided s Agent led through interactive procedures including instructions, decision trees & automations Infrastructure or Security Event Incident Resolution Dashboard Provides visual summary of automated tests and actions performed for each incident investigation with actionable next steps Level 2 Agents & Subject Matter Experts Resolution Record & Ticket Updated Resolve Connects to Applications, Networks & Infrastructure ITSM, Event Mgt, SIEM, Config Mgt, Devices, Firewall, IDS/IPS, Endpoint Protection, and more High Value Task Execution & Empowerment Refocused on complex tasks and building process guidance, decision trees, automations & analytics for first responders
22 Prescription Keep it Real Don't attempt to boil the ocean Identify top use cases Implement agile automations Coordinated Human Action Tools & Platforms Select tools and platforms that work together and leverage investment Human Decisions Combine human decisions and processes with automation Actionable
23 Creating Momentum Self 1st Position Other Person 2nd Position Meta Perspective 3rd Position
24 Disruption Prescription 1. Align Business Objectives 2. Identify the Possible 3. Isolate Primary Use Cases Coordinated Human Action Manual Assisted 4. Identify the Tools/Platforms 5. Create Momentum 6. Engage in Workshops Actionable Closed Loop
25 @AleemCummins LinkedIn.com/in/AleemCummins THANK YOU! Coordinated Human Action Actionable Meets Organized Action and Aleem Cummins, SplunkTrust Member, Splunk CISO Customer Advisory Board Member Actionable