Andrew Sweeney, ReadyWorks: "the threat landscape is continuously evolving with more sophisticated and organized attacks"

New technological innovations open borderless possibilities for companies to improve their product quality, performance, and efficiency. However, the implementation process can create security gaps that are often exploited by threat actors and discourage companies from innovating.

Enterprises are implementing the best anti-malware practices and products to reduce the risks of attacks when introducing new technologies in their landscape. However, it’s not always easy to manage all security aspects at once.

Today, we talked with Andrew Sweeney, the Co-Founder of ReadyWorks, about how companies can leverage intelligent automation, machine learning, and artificial intelligence to improve cybersecurity solutions when adopting new technologies.

Tell us the story behind ReadyWorks. How did this project come about?

ReadyWorks was born in the trenches by a team of engineers and project managers that have been delivering IT transformation programs to enterprises for the last 20 years. We saw first-hand the high costs and risks associated with IT infrastructure transformation and recognized that legacy systems and manual processes would never meet the growing demand for rapid adoption of emerging technologies at scale. We built ReadyWorks to tackle these challenges head-on.

Can you tell us a little bit about what you do? What are the main challenges you help navigate?

IT transformation programs have been run the same way for the last 25 years – spreadsheets, static project plans, manual processes, and a lot of sweat equity. This approach is outdated, introduces risk, increases costs, and causes unnecessary delays. ReadyWorks, a digital platform conductor (DPC), represents a different approach to IT transformation which helps organizations deliver higher quality transformation programs with fewer resources.

Specifically, ReadyWorks orchestrates all of the systems, engineers, and end-users involved in a transformation. It collects and aggregates data from IT and business systems, then cleans and analyzes information about the entire IT estate, including endpoints, users, applications, and all their interdependencies. Finally, it defines the rules for change and uses Artificial Intelligence (AI) and intelligent automation to implement those changes.

ReadyWorks provides IT teams with a holistic view of the environment, how future changes will impact that environment, and how and when those changes should be made so that users and business operations are not adversely impacted. In addition, ReadyWorks provides real-time visibility into program status, improving program transparency and accountability while eliminating the need for manual reporting.

What types of technology do you use to automate and enhance workflows?

ReadyWorks uses AI, intelligent automation, and machine learning to automate and orchestrate workflows, including those for end-users, project teams, and systems.

Examples of workflows that ReadyWorks automates include communications with end-users and stakeholders, data attestation, scheduling, task assignment, system commands, opening and closing tickets, and record updates.

Has the pandemic presented any new challenges in the IT field? Did you add any new features as a result?

The pandemic forced companies to accelerate digital transformation programs in support of anywhere operations, a term coined by Gartner to describe an IT operating model designed to support customers everywhere, enable employees everywhere and manage the deployment of business services across distributed infrastructures.

This increased operational complexity combined with skills and resource shortages, employee churn, and mergers and acquisitions has left many IT teams struggling with an ongoing onslaught of new service requests and project backlogs. IT teams are recognizing they must adopt a more agile and automated approach to keep up with the demand.

ReadyWorks provides the agility and automation IT teams need. The category of a Digital Platform Conductor is a superset of features that address many of those challenges brought on by the pandemic.

Maintaining creativity has become a serious struggle for some organizations. How can companies foster creativity and innovation when the majority of employees are working remotely?

One way companies, more specifically IT departments, can foster creativity and innovation is by surveying internal teams to understand what tools are currently being used across the organization. It's also vital to ask if there are any new tools they have identified that could help with ideation, collaboration, and brainstorming.

Automation and self-service capabilities within ReadyWorks can be used to streamline this process and improve collaboration between IT and the rest of the organization. Using ReadyWorks to orchestrate and automate the onboarding of these new technologies will allow IT to meet broader business transformation goals.

Freeing up employees from mundane tasks by applying AI and intelligent automation is a great way to make room for creativity and innovation. The time that would have been allocated to repetitive tasks can now be reallocated for cross-functional brainstorming.

For example, instead of spending hours manually creating reports and emailing administrative updates, teams could use tools that aggregate and analyze information to provide real-time reports and dashboards in a self-service capacity. Interpreting data from different perspectives gives the time to explore and get creative around bottlenecks, inefficiencies, and methods to improve on “the way things have always been done.”

As work-from-home becomes the new normal, what cybersecurity threats do you see becoming a common occurrence?

I expect an increase in the following cybersecurity threats that are likely to continue center on Bring Your Own Device (BYOD) risks:

• Data theft via employee-installed applications with security vulnerabilities or when their personal devices get lost or stolen
• Network vulnerabilities for employees not using a secured company network
• Shadow IT
• Malware
• Access to company applications and data after an employee has left the company

To combat these threats, companies need to have a robust asset lifecycle management program for physical and virtual assets. This begins with asset tracking and delivery through OS and application upgrades all the way to how data-bearing equipment is handled before entering an IT asset disposition program.

Why do you think certain companies are reluctant to update their cybersecurity or try out new, innovative measures?

There are a lot of aspects to consider around cybersecurity and the potential financial, operational, and/or reputational impact on an organization. The threat landscape is continuously evolving. With more sophisticated and organized attacks, it is difficult for organizations to know where they are vulnerable or have elevated risk. This requires mature, continuous processes across a multitude of security domains. In addition, there are so many security products and solutions with overlapping functionality that companies without a dedicated focus on cybersecurity and the appropriate resources often don’t know where to focus their investment to gain the most value.

Which security solutions do you see taking off in the next few years? Which ones are better suited for average individuals and which for large enterprises?

It’s always hard to predict trends in cybersecurity due to the ever-evolving threat landscape. Despite that, we feel that solutions focused on Zero Trust principles, particularly for cloud environments, will be in high demand. Additionally, remote access security solutions will be critical with work-from-home models being so prevalent.

For average individuals we still believe that the most important solutions are always to focus on the basic best practices and be diligent, particularly ensuring all of your devices are patched, always being cognizant of suspicious emails, and not clicking on suspicious links.

Would you like to share what’s next for ReadyWorks?

Asset lifecycle management and IT infrastructure transformation are top priorities for enterprises. Whether they are implementing new technologies that improve operations and enable company growth or reducing security vulnerabilities by upgrading EOL servers, operating systems, or applications, companies are realizing that legacy systems and processes will not help them meet these objectives. And for heavily regulated industries, like financial services or pharmaceuticals, the added threat of millions of dollars in fines is driving organizations to rethink how IT programs are managed.

That’s where ReadyWorks comes in and gives enterprises an accurate, real-time view of their entire estate, which helps them identify security threats and make informed decisions for infrastructure transformation. Knowing where all hardware is, who is using it, which OS version is installed, and which applications are being used helps them create a plan to mitigate security vulnerabilities. ReadyWorks orchestrates and automates this plan, helping organizations transform faster without breaking access to critical business systems and applications in the process.