Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

9/4/2019
10:30 AM
Scott Totman
Scott Totman
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

A Tale of Two Buzzwords: 'Automated' and 'Autonomous' Solutions Aren't the Same Thing

Enterprises must learn the difference between the two and the appropriate use cases for each.

There are many buzzwords used to describe various technologies marketed as tools that will make our lives easier. For describing security solutions, two words that come up often are "automated" and "autonomous." These words sound similar but have very different meanings. Often, confusion about the differences between the two types of tools lead IT professionals to mistrust both concepts, and they avoid using them even in instances where they can provide great value.

Let's explore the differences between automated and autonomous technologies, why so many IT pros are wary of solutions that tout these capabilities, and what specific applications actually warrant their use.

Autonomous Solutions
An autonomous system learns and adapts to dynamic environments and makes decisions (or takes actions) based on ever-changing data. Such systems use machine learning (ML) and artificial intelligence (AI) to learn from data, and the more data they ingest, the better they learn. In certain applications, autonomous systems eventually will become more reliable than humans and will perform tasks at an efficiency level not humanly possible.

Automated Solutions
Automated systems run within a well-defined set of parameters that consistently execute the steps as defined. The decisions made or actions taken by an automated system are based on predefined rules, and the system will perform those decisions/actions perfectly every time, eliminating the possibility of human error.

Fear of Autonomous Systems
The biggest issue with autonomous systems is when they're deployed for the wrong purpose. For example, if you're building a system that’s highly predictable and performs the same function repeatedly, then an automated system provides value because it is simpler, easier to maintain, and requires fewer resources to continue working. Leveraging autonomous systems for these types of solutions may wind up being overly complex relative to the job being performed and introduces unnecessary risks, such as the systems learning incorrectly and performing the wrong action in the future. The possibility that an autonomous system will make the wrong call and implement a change in the company's IT environment on its own is terrifying.

For example, an autonomous system that checks for improperly configured storage instances, such as S3 buckets, may not have the proper insight into compensating controls and incorrectly quarantine or remove the instances. The downstream effects could involve applications that are no longer able to run, causing a widespread outage. This is not a flaw in the way the autonomous system runs per se but an error by the developer who created the system.

The possible repercussions (misconfigurations, data breaches, fines for falling out of compliance, numerous false positives resulting in service outages, etc.) are so great that many companies have decided not to implement autonomous or automated systems in any form because of the widely held misconception that autonomous and automated systems are synonymous.

Companies that write off autonomous and automated solutions entirely are missing out on significant benefits. When used in the right environment and for the proper tasks, these solutions greatly increase efficiency and eliminate human error.

When to Use Autonomous Systems
Autonomous solutions are best used when the full spectrum of possible scenarios is unknown, and therefore there are no predefined rules for how to respond to new situations. Self-driving cars are the go-to example of why autonomous solutions are necessary, because there are too many different variants for a rules-based approach.

In the world of cybersecurity, these solutions are important because hackers are constantly coming up with new attack methods. Suspicious activity that has never been seen before (and therefore no rules exist for it) could slip by an automated system, but this is what autonomous solutions are built to identify and respond to.

Specific examples of use cases for autonomous systems include:

● Detecting anomalous activity in very large, complex data streams (e.g., network intrusion detection)

● Identifying unknown threats (e.g., zero-day exploits)

When to Use Automated Systems
Automated systems are best used in highly predictable scenarios and tasks for which a best practice already exists. A company can easily leverage its own talented IT team to build a perfect process for performing certain tasks, and then implement automated tools that will perform those tasks precisely, every time. Automation is especially needed in cloud environments, where the rate of change in configurations is immense. In an hour, it's not uncommon for there to be a million changes in a company's cloud services.

Human IT teams know how to determine whether a change is harmless or if it needs to be corrected, but they can't keep up with the rate of change. An automated solution can take the knowledge of the IT teams and apply it instantaneously across the cloud environment and determine which of those million changes per hour are harmless, which require an easily automated remediation, and which are perhaps so far outside the normal expectations that they require a human to review and address.

Specific examples of use cases for automated systems include:

● Correlating data streams to provide actionable guidance (e.g., unified visibility)

● Implement protections consistently, in real time, at any scale (e.g., policy-driven automation)

● Infrastructure and application-level compliance checks within a corporation's environment

It's important to remember that with automated solutions, companies maintain full control over their environments because their IT teams set the rules for how those solutions will perform certain tasks. With autonomous solutions, companies relinquish much of that control and trust that the AI/ML capabilities of that tool are learning from the constantly changing variables in their environments and making the best decision possible when faced with new scenarios.

While automated and autonomous solutions have distinct differences, and unwise deployments of each have sparked uncertainty around their use in IT, both types of systems can provide immense value if used appropriately. Additionally, both types of solutions will continue to advance and become more intelligent, and thus offer increased benefits to enterprises that are using automated and autonomous solutions in the proper settings.

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "'It Takes Restraint': A Seasoned CISO's Sage Advice for New CISOs."

Scott Totman brings more than two decades of experience in enterprise application development to DivvyCloud.  As VP of engineering, he is responsible for the ongoing development and delivery of DivvyCloud's software. Prior to joining DivvyCloud, Totman was the vice ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
7 Ways VPNs Can Turn from Ally to Threat
Curtis Franklin Jr., Senior Editor at Dark Reading,  9/21/2019
Security Pros Value Disclosure ... Sometimes
Dark Reading Staff 9/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: I wish they'd put a sock in it.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-16691
PUBLISHED: 2019-09-23
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2019-16707
PUBLISHED: 2019-09-23
Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommonsubstring in suggestmgr.cxx.
CVE-2019-16708
PUBLISHED: 2019-09-23
ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to XCreateImage.
CVE-2019-16709
PUBLISHED: 2019-09-23
ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrated by XCreateImage.
CVE-2019-16710
PUBLISHED: 2019-09-23
ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrated by AcquireMagickMemory in MagickCore/memory.c.