Businesses interested in improving the use of automated processes to monitor the IT systems they use should work closely with an IT consulting firm to develop a plan that will best suit their own particular needs. Part of the discussion that takes place with such a firm, however, should include how the human element will interact with those automated processes.
According to Ron Ross, a senior computer scientist at the National Institute for Standards and Technology, "Certainly, we can't do this job of continuous monitoring without automation." However, Ross went on to caution that automation "is a necessary piece, but not sufficient, because there are a lot of things that only humans can do and humans do best. The combination of these activities really will work well to do what we would call a very robust continuous monitoring program."
There are a number of different ways to provide this human element, and businesses would be wise to explore them with the help of IT consultants that have relevant and recent experience in the interrelationship between information systems and those who work with them. Automated systems can do a great many things very efficiently, but they are limited by the amount of knowledge that is programmed into them. Contrary to popular knowledge, the average computer, even an advanced one, cannot really ‘think’ on its own. It can only do the thinking it was programmed to do.
This means that when the unexpected occurs, as is often the case with computer security concerns, human intervention is needed to make key decisions.