As leaders at federal civilian, health and defense agencies continue to grapple with the explosion of data coming at them from all directions, the need for more robust platforms, capable of managing and making sense of all that data, has taken on new urgency.
The good news is, a new generation of AI-assisted IT operations (AIOps) platforms and intelligent analytics platforms — as well more advanced security orchestration, automation and response (SOAR) solutions — are giving agencies powerful new capabilities to keep up with that data, according to a new report from FedScoop.
The availability of AIOps, data analytics and SOAR solutions are expected to play an important role in helping agencies achieve the White House’s May 12 “Executive Order on Improving the Nation’s Cybersecurity.” The order, among other directives, requires agencies to begin implementing new steps to modernize their cybersecurity practices and improve how they respond to cybersecurity vulnerabilities and threats. Those requirements come on top of the Federal Data Strategy 2020 Action Plan, which calls for agencies to take concrete steps to govern, manage, protect and leverage the value of federal data.
The challenge agencies face, according to the report, isn’t just the volume of data getting generated and processed every day. It’s how to effectively assemble so many types of structured and unstructured data emanating from so many disparate systems — and then, how to make sense of it in order to make timely business decisions or mitigate cybersecurity threats.
The report, which was underwritten by Splunk, outlines five critical functions that modern AIOps platforms can now perform, from ingesting dating to analyzing it in real time and initiating remedial actions when necessary.
It also touches on the benefits of platforms like Splunk SOAR and Splunk IT Service Intelligence (ITSI) platforms, that can help agencies reduce the time it takes to investigate and resolve IT issues.
Ann Mehra, strategic healthcare programs leader at Splunk, recalls in the report how “close to 50 individuals were trying to get to the root cause of what was happening, utilizing a number of different tools. We stepped in and in 48 hours, we were able to look across the organization’s networks, across its applications, and across its data sources and were able to identify the root cause.”
ITSI also gives agencies a platform for managing large-scale IT development projects. That was the case when the U.S. Census Bureau decided to conduct the 2020 decennial census online, requiring a massive effort to modernize their IT, security and data operations, according to Wylie Vasquez, leadership advisor for observability and AIOps markets at Splunk.
One of the key advantages Census found in Splunk’s Data-to-Everything platform, according to the report, is the ability to ingest and unify nearly any kind of data — structured or unstructured, including logs, metrics, text, wire, API or social-media — from nearly any tool and any system, on-premises or in the cloud.
Another benefit of automation, the report says, is the ability to reduce the potential for human errors or delays that can occur in highly repetitive tasks. Automation also can help agencies maintain greater system continuity in circumstances where personnel rotate in and out of positions, as is routinely the case in the military.
“Removing the error factor” is one of the key benefits of automation, says Eric Hennessey, staff consulting solutions engineer for national defense accounts at Splunk. “Whenever you can take humans out of the loop on some of these tasks — especially a task that you do over and over again — and institutionalize these repetitive processes, using an automated playbook like we do with Splunk SOAR, you greatly reduce that opportunity for error.”
Read the full report on how automated analytics can improve digital services, security and workflows.
This article was produced by FedScoop and sponsored by Splunk.