The Critical Shift: The Business Value of Intelligent Ops

Intelligent Ops modernizes operations, offering value to the business in various ways. Three primary opportunities with Intelligent Ops include:

• Modernized operations: Leverage Generative AI (GenAI) and modern technology to eliminate manual processes and scale IT operations.
• Enhanced security: Proactively predict potential security incidents and speed remediation via AI-generated playbooks.
• Greater service reliability: Extrapolate trends and identify likely problems before they happen to reduce potential issues or outages.

Modernized Operations

Traditional Ops and, to an extent, AIOps rely heavily on manual operations. Humans are responsible for investigating and triaging alerts, writing playbooks for use by AI, and defining configurations and baselines via Infrastructure as Code (IaC).

Intelligent Ops leverages GenAI to truly automate these traditionally tedious tasks. Instead of using predefined playbooks, GenAI writes its own and executes them with analyst approval. Intelligent Ops can monitor the entirety of an organization’s IT environment, detect anomaly trends, and develop strategies for optimizing the use of existing infrastructure and cloud resources.

Example: Automating Alert Management

Alert triage and investigation make up the bulk of Tier-1 analysts’ duties. On average, a corporate SOC receives 4,484 alerts per day. A vast majority of SOC analysts (78%) claim it takes at least 24 minutes to investigate a potential alert, and about half of these are false positives.

In the end, a single analyst could theoretically manage about 20 alerts per 8-hour shift if they did nothing else. The average company would need to employ 225 analysts – at an average salary of $76,972 – to manage all of their alerts. If this were possible, the company would spend an estimated $17.3M on alert management and waste half of that due to false positives. In reality, however, most alerts are largely ignored, leading to expensive security incidents. On average, a successful data breach costs a company $4.45 million.

Intelligent Ops and GenAI eliminate the need for Tier-1 analysts to waste hours on alert investigation and triage. The platform automatically analyzes alert data, weeds out false positives, and develops remediation plans for true threats. This limits the analyst’s role to reviewing and approving the AI-generated response playbook, freeing up time and resources for other duties.

Example: Identifying hidden cloud costs

On average, public cloud spend is 18% over budget. One of the main drivers of this is the fact that the average company wastes an estimated 28% of its cloud spend. Often, this is caused by hidden causes of the cloud, including suboptimal resource usage, failure to take advantage of provider discounts, and similar factors. With nearly a quarter of companies spending over $12 million on public cloud resources, a 28% reduction saves the business millions per year.

Intelligent Ops enables ongoing monitoring and trend analysis to identify an organization’s true cloud resource needs and help to close the gap. Remediation recommendations may include consolidating underutilized systems, moving resources to less-costly zones, or taking other actions that reduce resource consumption without negatively impacting service availability or performance.

Enhanced Security

SecOps is one of the three core pillars of Intelligent Ops. Intelligent Ops platforms enhance threat detection and remediation capabilities in various ways, including:

• Alert management: Analyze multi-source alert and log data, identify true threats, and use GenAI to provide high-quality descriptions with recommended remediation actions.
• Predictive issue detection: Perform trend and anomaly detection to extrapolate potential operational and security issues and implement controls.
• Greater visibility: Continuous monitoring and analysis provides investigators and threat hunters with context-rich security datasets.
• Automated remediation: Automatically generate security playbooks and execute at scale after receiving analyst approval.

Example: Instant Incident Remediation

Security incidents are commonly classified using the 5-tier severity scale with Sev-1 being the most impactful. A common SLA for Sev-1 incidents is response within 15 minutes and remediation within four hours.

This remediation time is split between root cause analysis and incident response. The security team needs to understand what went wrong, develop a remediation strategy, and implement a solution or workaround that enables normal operations. Under normal circumstances, four hours of downtime is considered acceptable for this process.

With Intelligent Ops, this time drops to nothing. An Intelligent Ops platform can instantly perform root cause analysis and generate a remediation plan for the issue. Once a human analyst approves it, the solution is implemented automatically, remediating the incident within seconds.

Example: Reduced Data Breach Costs

Estimating the total cost of a security incident is difficult, depending on the type of incident (data breach, ransomware, etc.), the scope, and the duration. Additionally, many intangible costs of a security incident – such as lost sales due to reduced customer trust – can be difficult to estimate and have long-tail effects.

However, focusing on one type of security incident provides some insight into the potential cost savings of Intelligent Ops. According to the 2023 IBM Cost of a Data Breach Report, the use of AI and machine learning-driven insights reduces the average cost of a data breach by over $225k.

The duration of an incident also had a significant impact on the cost. In fact, a data breach with a lifecycle of under 200 days cost over $1 million less on average ($3.93M) than one with a lifecycle of over 200 days ($4.95M).

Intelligent Ops offers continuous monitoring, analysis, and automated remediation, extending beyond the "AI and machine learning-driven insights" emphasized by IBM, which can lead to substantial cost savings.

Example: Simplified Compliance Management and Reporting

Companies are subject to an ever-expanding array of regulations, and achieving and maintaining compliance with these requirements is expensive. On average, companies spend an estimated 25% of revenue on compliance costs.

For example, many merchants are subject to the Payment Card Industry Data Security Standard (PCI DSS), which is designed to prevent financial fraud and protect cardholder data. Depending on the size of the organization and its compliance requirements, companies can expect to pay $15-50k per year to complete a Self-Assessment Questionnaire (SAQ) or pay a Qualified Security Assessor (QSA) $30-200k per year for a Report on Compliance (ROC).

The bulk of these costs – especially for a SAQ – are associated with collecting the data required by the report. An Intelligent Ops platform can use GenAI to collect, analyze, and format the data for the report, largely reducing these costs.

However, the power of Intelligent Ops isn’t limited to reporting. With its continuous monitoring and predictive analytics, the platform can identify and correct potential compliance gaps as well. This can further reduce the cost of achieving or maintaining compliance, which often dwarfs the price of compliance reporting.

Greater Service Reliability

Intelligent Ops provides the analytical data required to proactively identify potential issues and incidents and accelerate remediation at scale. Some of the primary means by which Intelligent Ops can enhance the reliability of an organization’s services include:

• Predictive issue detection: Extrapolate trends and relationships to find issues before they occur.
• Playbook generation: Suggesting and implementing remediation strategies tailored to the issue and system in question.
• Root cause analysis: Determine primary causes to prevent future and related issues.

Example: Eliminating accidental downtime

The cost of downtime varies based on a variety of different factors, including company size, industry vertical, and the systems in question. Estimates vary greatly, but 32% of companies state that an hour of unexpected downtime costs them at least $500,000.