Ivanti Blog: Service Management

Not All Agents Are Created Equal: Getting Agentic AI Right for IT

Wed, 08 Apr 2026 13:00:06 Z

Three months ago, a CIO told me her organisation had “already deployed agents.” Her endpoint team assumed she meant the telemetry clients on every managed laptop. Her service desk thought she meant AI chatbots. Meanwhile, her security architect heard “autonomous decision-making.” They were all right and all talking past each other.

This is the agent confusion problem. It sounds like a semantics issue, but it creates real misalignment when teams try to get serious about implementing agentic AI. So, let’s untangle it.

Three types of “agents” for IT — and how they fit together

1. Endpoint agents

Endpoint agents are the lightweight clients that have run silently on managed devices for decades — collecting telemetry, executing policies, applying patches. If you run a modern endpoint management platform, they’re already across your fleet doing the quiet, continuous work. They're your infrastructure layer: always listening and reporting but not making decisions.

2. Automation bots and workflows

Automation bots and workflows handle the repetitive, structured processes IT runs on: proactive issue identification, self-healing, password resets, account unlocks, software provisioning, approval chains. These aren’t legacy limitations to apologise for. A well-built password reset bot is fast, predictable and exactly right for that job. They're your execution layer: reliable, auditable and purpose-built.

3. AI agents

AI agents are something genuinely different. Where endpoint agents collect data and automation bots execute tasks, AI agents coordinate both. Orchestrated by large language models (LLMs), they understand intent, reason across context from multiple systems, plan multi-step actions and decide when to escalate an issue that requires human expertise.

But here’s the nuance that matters: a well-designed AI agent doesn’t replace the automation bot; it calls it. When an employee asks to reset their password through a conversational interface, the AI handles the dialogue, verifies identity, applies policy logic and then triggers the existing workflow to execute. Intelligence orchestrating automation. That’s the architecture worth building toward. Add endpoint telemetry, and the picture gets richer.

Here’s what this looks like in practice:

An employee messages: “My laptop has been crawling since the last patch.”

The AI agent:

Interprets the intent, recognises this as a performance issue potentially triggered by a recent change.
Pulls real-time CPU load, disc usage and startup process data from the endpoint layer.
Triggers a targeted remediation. Not a guess. A data-informed, auditable action.

That’s what self-healing IT looks like at the conversational layer.

What makes agentic AI for ITSM work

Getting agentic AI for IT service management right comes down to a few critical foundations.

Start with clean, current knowledge

An AI agent is only as good as what it knows and what context it has. Before enabling any agentic capability, audit your knowledge base and ask these key questions:

Is it current?
Is it tagged by use case?
Is it maintained after major changes?

Outdated knowledge leads to wrong outputs that quickly destroy employee trust. That said, these same AI agents can be used to accelerate knowledge creation, too. Every resolved ticket is a draught article. Every question the agent can't confidently answer is a knowledge gap it just surfaced for you. The agent becomes a contributor to your knowledge base, not just a consumer of it.

Provide context

Knowledge alone isn’t enough. Agents need real-time context across your entire IT environment. This includes device data from your CMDB, role and access information from HR systems and ticket history from ITSM. With this context layer, it’s possible to move from a smart-sounding bot to an agent that can close the loop.

Set governance guardrails

Having control and AI guardrails is not optional. Be deliberate about what the agent handles autonomously, what needs a human approval step and what always escalates. Having a human in the loop isn’t about being overly cautious. Rather, it’s a deliberate, intelligent design. For anything security-sensitive like MFA changes, privilege adjustments or data access requests, the agent should surface the decision, not make it unilaterally. Companies must build those thresholds from the start, not try to retrofit them later.

Change management

Even with the perfect setup, deployment fails when companies don’t consider change management.

Your service desk team needs a clear mental model of what the agent handles and where they take over. You might think of it like any other division of labour: you don't want overlap. You don't want humans burning cycles on tasks the agent can knock out instantly, and you definitely don't want the agent making calls where policy says a human needs to be in the loop. Clean boundaries keep both sides working at their highest value.

Your employees need to trust that context won’t be lost mid-conversation when an issue is escalated from agent to human. Immediately letting agents do more than foundational support is how a promising pilot becomes a painful rollback. Start narrow and earn the right to expand.

Here’s what success looks like

To prove ROI with agentic AI, organisations should focus on operational metrics that reflect real impact and can be improved through better orchestration.

Ticket deflection shows how effectively agents resolve common requests end to end without human involvement. Auto-remediation highlights when systems can diagnose issues and take approved corrective action, reducing manual effort and queue volume. Mean Time to Resolution (MTTR) reflects how much the system shortens the path from request to outcome by removing handoffs and tool switching.

Together, these metrics indicate whether agentic AI is truly reducing work, not just shifting it. But the most important measure is end-user satisfaction (CSAT). Speed without satisfaction simply creates faster friction.

The best agentic AI is invisible. Employees ask for help, get what they need, and move on without noticing the workflows, checks, or automated actions behind the scenes. Organisations that achieve success design agentic systems intentionally, with clear guardrails and a strong understanding of how autonomy reshapes operations.

Next steps

If you are evaluating the role of self‑service agentic AI in your IT ecosystem, a conversational entry point is often the most practical place to begin. Consolidating incident creation, service requests, knowledge access, and status checks into a single interface can reduce friction for employees while still respecting policies and existing workflows.

This approach lays the groundwork for a broader agentic platform. For IT leaders under pressure to do more with less, this is the moment to deliberately define how AI should operate, where autonomy adds value, and where guardrails are required.

Ready to take the next step in your agentic AI journey? Get our whitepaper for the framework, maturity model and implementation roadmap you need to succeed.

See It All or Risk It All: The Truth About IT Visibility

Mon, 06 Apr 2026 12:00:02 Z

In everyday life, ignoring what you cannot see may feel harmless. In IT, it creates a false sense of security and a costly illusion.

Although many organisations use some form of asset discovery, 2026 security research from Ivanti reveals that more than 1 in 3 IT professionals (38%) report having insufficient data about devices accessing their networks, and 45% say they lack adequate information about shadow IT. This lack of visibility leaves critical assets at risk of going undetected and unmanaged.

Yet hybrid environments now span offices, homes, clouds and data centres. As devices, identities, cloud workloads and SaaS tools move across these spaces, many of them fall outside the scope of traditional discovery methods. Unmanaged laptops linger on the network. SaaS tools are adopted without oversight. Cloud resources appear and disappear before the CMDB is updated. The result is an environment filled with assets that are present, influential and completely unseen.

The cost of partial visibility is far greater than most organisations realise. Any asset that is not tracked or understood becomes a source of risk, unplanned spending and operational inefficiency.

The scope of this challenge is clearly illustrated in Ivanti’s 2025 Securing the Borderless Digital Landscape Report:

3 in 4 IT workers say that personal device use, or BYOD, is a regular occurrence at their organisation. However, just 52% of this same group say their organisations explicitly allow it.
At companies where BYOD is not permitted, 78% of employees disregard the prohibition entirely.

The issue of shadow technology is increasing even further with the exponential rise in AI use in the workplace. According to that same Ivanti study, nearly a third (32%) of people who use generative AI tools at work admit to keeping their use of AI a secret from their employer.

The good news: complete, continuous visibility is possible, and organisations that achieve complete visibility reduce operational costs, eliminate blind‑spot-driven risks and strengthen compliance readiness. Modern discovery approaches now give IT the ability to see every asset, understand its context and manage it with confidence.

The hidden costs of partial IT visibility

Many organisations assume that achieving visibility over “most” of their assets is good enough, yet when some assets are unseen and unmanaged, critical risks can be hiding right under your nose. Examples of common visibility blind spots include everything from undetected laptops that can appear intermittently on IT scanners, newly-acquired SaaS tools adopted without IT involvement, orphaned cloud workloads that never make it into the CMDB and over-provisioned identities that go unnoticed and unpremeditated.

When even a small portion of your environment remains unaccounted for, four big problems surface immediately:

1. Security weakens

Unseen or intermittently visible assets miss patches, skip scans and create openings for attackers. Blind spots slow incident response and make aligning patching priorities difficult. According to a 2026 global study from Ivanti, 38% of IT workers say inaccessible and siloed data causes difficulty tracking patch status and rollouts.

2. Compliance falters

Adding to these security challenges, that same report finds that 35% of IT organisations feel that data visibility gaps make it much more challenging for them to maintain compliance.

Audit evidence becomes fragmented across disconnected tools, spreadsheets and inboxes. Without the ability to confidently track where data lives, it becomes impossible to prove compliance.

3. Software spend leaks value

Even with SaaS management or inventory tools in place, incomplete usage and entitlement data cause overspending. Companies lose roughly 25% of their SaaS budgets to unused entitlements, redundant tools and underutilised licences, according to Zylo’s 2025 SaaS Management Index.

Ivanti’s 2025 Technology at Work research found that nearly one in three IT workers (31%) say their organisations do not track unused/underused software licences, possibly because they may not have a complete inventory of the total. Moreover, 39% of IT teams say that outdated hardware drives wasteful IT budget spend.

Every resource you cannot see — or cannot verify — quietly drain your budget.

4. Operations lose efficiency

Conflicting or incomplete data forces teams to recheck device information, chase outdated records and remediate issues on the wrong assets. This slows service delivery and increases rework.

Partial visibility doesn’t just obscure reality. It creates hidden risks, hidden costs and hidden delays.

Why IT visibility gaps continue to grow

Unfortunately, visibility gaps are widening for many companies. As headcounts, devices, identities and SaaS usage grow, it becomes increasingly difficult for IT teams to maintain complete visibility. Several factors contribute to growing visibility issues, including:

Shadow IT and SaaS sprawl accelerating faster than IT can keep up.
Cloud resources appearing and disappearing within minutes.
Remote and hybrid workers connecting to networks outside the corporate network.
Identity sprawl expanding across dozens of apps and platforms.
Legacy discovery tools capturing only a fraction of the environment.

These pressures compound quickly. Employees adopt convenient tools before IT can approve them. When devices, servers, or apps are created in Cloud environments and deleted in minutes, they can be missed by security checks and monitoring. As a result, these short-lived resources might not get patched or protected, creating blind spots that attackers could exploit before anyone notices. Remote workers may never even touch the corporate network. SaaS, identity and device ecosystems expand far faster than legacy discovery tools were designed to track. Without continuous, multi-source visibility, organisations fall behind almost immediately.

To close these widening gaps, organisations must shift from reactive, point‑in‑time inventories to a model built on continuous, contextual, real‑time visibility. This is where understanding and achieving true visibility over your entire IT estate becomes critical.

IT visibility is more than just an inventory

Real visibility is not a list of assets. It is complete, current and trusted intelligence that every team can act on. Total visibility requires identifying every device, SaaS app, identity, cloud workload, configuration and usage signal; no matter where it lives or how long it exists.

It also means understanding relationships: who owns an asset, what data it touches, its risk level, its compliance impact and whether it is actually being used. This is the foundation that turns discovery from information into operational control.

How complete visibility transforms workflows

Once visibility becomes continuous and contextual, the entire environment transforms. Modern IT environments require more than passive observation. As threats, workloads and assets scale at unprecedented speed, organisations need intelligent, automated actions to turn visibility into real outcomes. AI-driven insights and automated workflows empower teams to proactively address security threats, remediate issues and optimise operations without waiting for manual intervention.

With the right approach, organisations can move beyond partial visibility and finally see:

every device, application, identity and cloud workload.
normalised and reconciled data presented as a single source of truth.
vulnerabilities tied to the exact assets and owners affected.
automated workflows that trigger patching, quarantines, CMDB updates and ticket closure with proof.
discovery that spans agent, agentless, active and passive methods to cover every corner of the hybrid environment.

How every team benefits from unified asset visibility

With unified, reliable asset data, every team benefits:

Security can map exposures to real assets and respond faster.
IT operations can close the loop from discovery to remediation to verification.
Endpoint teams can enforce policies consistently.
ITAM employees can optimise spending using accurate usage and entitlement insights, eliminating waste.
Compliance teams can produce automated, audit-ready evidence without manual effort.

Achieving complete IT visibility today

This level of clarity is achievable today. By using modern discovery approaches that combine agent, agentless, active and passive methods, unified asset intelligence ensures that IT teams achieve complete visibility, even as environments become more complex and distributed.

Unified asset intelligence ingests up-to-date data from every corner of the organisation, including devices, identities, SaaS applications, cloud workloads and network signals. This data is normalised and consolidated into a single, trusted source of truth.

Instead of managing partial or fragmented inventories from multiple tools, organisations gain a real-time, holistic view. Each asset is accurately represented with its key details and context, removing blind spots and allowing teams to confidently secure and manage the entire environment; eliminating guesswork, reducing risk and restoring control.

See how Ivanti Neurons for Discovery can deliver complete visibility to your environment.

How Agentic AI for ITOps Unlocks Value at Scale

Mon, 05 Jan 2026 17:00:02 Z

Here’s a paradox for the AI era: organisations are obsessed with the promise of AI as the key to unlocking productivity and enterprise transformation, and IT teams are all-in on the advantages AI and automation offer — yet those same organisations are the ones holding that transformation back.

While the majority of IT workers advocate for AI adoption, operational, cultural and budgetary barriers stand in the way of enterprises implementing AI at scale. The result: most companies today have yet to operationalize breakthrough AI and automation use cases that deliver true business value.

That’s not to say; most companies aren’t using AI — but mainly for completing lower-level tasks and boosting individual productivity. While this is an important step, enterprises will need to think bigger and longer-term to see significant ROI and digital transformation from their AI investments.

Automation and outputs vs. agentic AI autonomy

IT teams are ahead of the curve when it comes to generative AI adoption. 84% of IT professionals use generative AI tools at work, according to a 2025 Ivanti research report. That same research shows that IT professionals are also overwhelmingly positive toward AI and automation:

83% expect AI to boost productivity in the next year.
70% say it will make their work more satisfying.

Yet, for all that progress, companies aren’t tapping into the deeper potential of AI-driven technology. Many teams have mastered task-level automation (ticket routing, password resets, log summarization), but few have embraced agentic AI, which goes beyond execution to autonomous reasoning and optimization.

That gap between automation and transformation mirrors a larger problem occurring across industries. While most organisations are already using AI in some capacity, only a few have seen measurable business impact from their AI tools. McKinsey has referred to this situation as “the gen AI paradox.”

This disconnect between AI applications and ROI is further validated by an MIT report published in August 2025, which finds that a staggering 95% of organizations found zero return on generative AI despite $30-40 billion worth of investment in it.

The reason for the problem is straightforward: generative AI creates. It produces content, automates tasks, and accelerates workflows. However, it doesn’t learn, reason, or adapt on its own. The next phase of enterprise AI will be driven by systems that can interpret, predict and act dynamically: what’s now being defined as agentic AI.

Ivanti’s research further underscores the fact that most companies today have yet to integrate more complex AI use cases into their IT workflows.

While 67% of organisations automate ticket routing, fewer than one-third apply AI to root-cause analysis or other predictive use cases. This signals that most teams are still prioritising standard automation for tasks rather than enabling systems to think and act autonomously via agentic AI.

Standard automation and generative AI tools are frequently employed by IT teams to improve individual productivity and handle low-level, repetitive tasks at greater speeds than human intervention alone. The ability to boost efficiency with less time and resources is a critical advantage of AI — particularly for strained IT teams who are always being asked to accomplish more with less. But efficiency gains are only one piece of the puzzle.

Ivanti data also reveals a deeper organisational issue: nearly half of IT teams say their organisations lack resilience — the ability to adapt quickly to change, recover from disruption and maintain business continuity without excessive manual intervention.

True enterprise agility demands autonomous and adaptive AI solutions that can anticipate problems, reason through potential solutions and continuously learn how to deliver the most optimal outcomes.

This is where many leading organisations are turning to agentic AI. Autonomous AI agents offer teams the opportunity to reshape traditional IT operations from reactive automation to proactive, goal-driven collaboration. Realising that transforming ITOps with AI means moving from isolated automation wins to system-wide intelligence.

High-impact agentic AI use cases in ITSM and ITOps

Agentic AI is already moving the needle by reducing downtime, cutting costs and improving organisational agility.

Five high-impact use cases for agentic AI in IT follow:

1. Autonomous incident remediation

Autonomous remediation is where AI begins to move from support to strategy. In traditional IT operations, identifying and fixing an issue can take hours of human triage and escalation.

With agentic AI, those same incidents can be detected, diagnosed and resolved in real time — often before users notice any disruption.

Agentic AI doesn’t not only detect anomalies within that IT space and diagnose the root cause — it intelligently devises solutions and then executes fixes without human intervention. Moreover, machine learning enables the AI to learn from previous incidents and use this experience to continually refine and improve response efforts going forward.

2. Proactive problem prevention

Proactive problem prevention happens when AI can anticipate rather than just react to potential tech problems. Instead of solving a known issue, agentic AI continuously monitors data patterns and detects early warning signals in the form of small deviations that might evolve into service disruptions or security issues.

In other words, it moves ITOps toward proactive prevention, monitoring leading indicators and addressing issues before they become significant.

3. End-to-end lifecycle management

Autonomous AI agents will provide a more comprehensive and effective approach to asset lifecycle management.

This lifecycle view of automation extends beyond individual tickets or incidents to touch every stage of IT operations.

From onboarding new devices to patching and decommissioning outdated infrastructure, agentic AI ensures systems remain secure, compliant and cost-effective.

It not only fixes issues but also detects, diagnoses, and optimises IT systems from provisioning to retirement. It acts as a continuous improvement engine, learning from patterns across the IT ecosystem to proactively optimise resources, streamline updates and reduce the long-term burden on IT staff.

4. Dynamic change and release management

Dynamic change and release management is where agentic AI truly shows its orchestration capabilities. In most enterprises, change management remains a high-friction process, requiring coordination across multiple teams, tools and environments.

Agentic automation transforms this by allowing AI agents to collaborate on complex workflows including cybersecurity incident response and software deployment, working together with minimal human oversight to resolve incidents, provision resources and ensure compliance.

These agents act as intelligent coordinators: synchronising updates across systems, validating configurations and rolling back changes automatically when anomalies occur. The result is faster, safer and more predictable change cycles that free IT teams to focus on innovation rather than resource-heavy firefighting.

5. Autonomous resource and capacity management

Resource and capacity management are some of the most critical — and often overlooked — dimensions of IT performance. Using AI, companies can anticipate future resource needs by analysing historical usage trends, workload fluctuations, and demand surges. Agentic systems can automatically allocate compute power, storage and bandwidth before bottlenecks appear, maintaining optimal performance without constant human oversight.

Over time, these self-adjusting systems learn from operational data to continuously fine-tune capacity, reducing waste, minimising costs and ensuring service continuity even during unexpected spikes.

Research from IBM’s report, Agentic AI’s strategic ascent, underscores this pace of change: by 2027, twice as many executives expect AI agents will make autonomous decisions in workflows. Today, only 24% of executives report that level of autonomy; within two years; 67% expect this to be the norm.

Overcoming barriers and delivering enterprise impact

Yet progress often stalls; not for lack of intent, but because of structural barriers. IT leaders must first overcome the obstacles that stand in the way of their evolution to value-focused work. These barriers are multifold: technical, cultural and operational.

Even AI-forward IT organisations can lack the structural readiness for deep automation. For example, Ivanti’s “2025 Technology at Work Report” found that:

38% of IT professionals point to complex tech stacks as an issue in effective IT operations.
And 72% say their IT and security data is siloed within their organisation.

Building a sustainable AI strategy requires more than a positive attitude – it demands alignment between IT and the broader business. Successful organisations are the ones aligning technology goals with tangible outcomes, supported by clear data structures, unified processes and teams equipped to manage new AI-driven workflows. Without that alignment, even the best tools struggle to deliver enterprise-wide impact.

IBM research reveals another layer: 45% of executives cite a lack of visibility into AI decision-making as a major barrier. This AI “black box” problem isn’t just a technical one. It’s also about trust, clear communications and AI guardrails. Scaling agentic AI requires governance frameworks where automated decisions can be understood, audited and explained.

Such transformation must keep humans in focus: design for augmentation — not replacement.

The agentic AI operating model

Think of agentic ITOps as much more than an efficiency upgrade, but as a total reshaping of traditional IT workflows. Organisations leading the next phase of transformation are the ones rethinking how their systems make decisions, collaborate and adapt autonomously across the enterprise.

That level of digital transformation requires leadership from the top. CIOs and executive stakeholders must pivot from experimentation to execution. They must look at embedding agentic AI not as a side project, but as a core operating model that aligns technology, data and people toward shared outcomes.

That pivot marks the real test ahead.

The future ROI of agentic AI initiatives

Even with the productivity boost enjoyed with generative AI tech, IT teams don’t need more tools. They need intelligence that delivers measurable outcomes. Teams should establish before-and-after metrics that resonate with IT and business leaders. Beyond efficiency gains (time saved, faster resolution, lower costs), measure labour savings, fewer resource-intensive outages and reduced tool sprawl.

Transformational organisations see greater impact across every business metric, including productivity, efficiency, revenue growth, brand strength and customer loyalty, than those that limit AI to incremental and even superficial gains.

In fact, organisations that excel in three key AI adoption areas are 32 times more likely to achieve top-tier business performance, according to that same IBM report referenced earlier.

The bottom line

The next 12 to 24 months will test IT leaders’ ability to translate experimentation into sustained value. Those who embrace agentic AI early will build organisations that learn faster, adapt continuously, preempt potential issues and recover from disruption instinctively.

IT has regularly shown that they're fully willing and committed to AI adoption. Now it must lead again, in depth. Agentic AI marks the next maturity stage: self-learning, self-healing and self-optimising systems that enable greater agility and resilience across the enterprise.

This isn’t “set and forget.” IT teams must build, train, monitor, measure and refine agentic AI to ensure value realisation.

To learn more about the role of AI as a transformative tool for IT operations and breakthrough use cases for agentic AI and automation in IT, see Ivanti’s research report: “AI: The Future of ITSM Automation.”

ITAM: Your Unexpected First Line of Cyber Threat Defence

Tue, 16 Dec 2025 14:00:02 Z

When the conversation turns to cybersecurity, people often think of firewalls, intrusion detection systems or state-of-the-art endpoint protection. Yet, beneath these sophisticated shields is an essential (and often unsung) foundation: robust IT Asset Management (ITAM).

For CIOs guiding mid-sized and enterprise organisations through an increasingly perilous digital landscape, ITAM offers not just operational clarity, but a powerful first line of cyber threat defence.

Below, we’ll explore how comprehensive ITAM delivers critical visibility into your organisation’s technology environment, strengthens your defences against evolving cyber threats, supports regulatory compliance and accelerates security operations. Read on to discover how making ITAM a core part of your strategy can help prevent costly breaches and build true cyber resilience.

Global cyberattacks rose 30% YoY, and ransomware attacks now average 20–25 major incidents per day.

Why ITAM matters: Cybersecurity challenges start with obscured visibility

Cyber threats almost invariably exploit the weaknesses organisations can’t see. Shadow IT, obsolete devices, rogue software and unauthorised access points are invisible vulnerabilities that slip through the cracks of traditional security. A comprehensive asset inventory isn’t just good housekeeping — it's the starting point for effective cyber risk management.

Despite 90% of organizations claiming strong detection capabilities, 57% still suffered major security incidents due to lack of full visibility.

Consider this: in the 2023 Data Breach Investigations Report, Verizon noted that a significant proportion of intrusion incidents stemmed from neglected assets — servers went unpatched because they were forgotten, endpoints were provisioned without visibility into their lifecycle, etc.

Here, ITAM is an invaluable early warning system. By providing a real-time, continually updated map of all hardware, software and cloud assets, it allows IT leaders to spot risks before attackers do.

The benefits of ITAM for cyber resilience

Below we’ll look at how the various benefits of robust ITAM result in a stronger security posture for your organisation.

Lifecycle management eliminates weak links

Assets don’t just pose risks at the moment of acquisition. The lifecycle (from onboarding, maintenance, and update to eventual retirement) is fraught with opportunities for mismanagement that can result in potential doorways for cyber adversaries. Obsolete systems without vendor support, end-of-life software still running mission-critical apps, devices decommissioned without wiping — these are common in complex environments.

45% of organisations lack confidence in knowing all applications in use, creating blind spots that attackers exploit.

Robust ITAM ensures that every asset gets tracked, routinely assessed and decommissioned securely, closing off both accidental exposures as well as sophisticated attacks that target legacy infrastructure.

Regulatory compliance proves control and prevents penalties

Increasingly, CIOs face regulatory environments that demand demonstrable control over IT assets. Frameworks such as NIST, ISO 27001 and GDPR all emphasise asset visibility as a prerequisite for effective control of sensitive data and critical infrastructure. A mature ITAM practice maps directly onto these requirements, providing the documentation and provable oversight needed for audits and regulatory inquiries.

Over 80% of breaches are linked to gaps in attack surface management, driven by vulnerable internet-facing assets and poor asset inventory practices.

For example, under GDPR, the ability to swiftly identify and remediate vulnerable assets that process personal data is not just good security practice, it’s a legal necessity.

The ITAM-security partnership: More than just inventory tracking

True ITAM goes beyond keeping lists. Integrated asset management feeds context directly into security operations tools. Vulnerability scanners depend on accurate inventories to detect exposures. Incident response hinges on knowing precisely which systems are implicated. Security policy enforcement relies on a clear understanding of asset roles and relationships.

Anecdotally, one financial institution saw its incident response time halved after integrating ITAM data into its SIEM platform, enabling security teams to immediately pinpoint and isolate affected assets during a breach. The value here is measurable and repeatable.

Resilient cyber defence means robust asset management

IT Asset Management is not merely operational hygiene. It is an essential component of a proactive, resilient cybersecurity strategy. For CIOs, investing in a robust ITAM solution can mean the difference between surface-level security and genuine risk mitigation.

If you’re ready to discover how our ITAM solution can reinforce your organisation’s security posture from the ground up, contact our team today and take the first step toward building true cyber resilience.

The Rise of Experience-Level Agreements (XLAs) in Practice: A Deep Dive into ITSM Transformation

Fri, 21 Nov 2025 15:17:59 Z

For decades, the backbone of IT Service Management (ITSM) has been the Service-Level Agreement (SLA). While effective for tracking the nuts and bolts of IT delivery, SLAs have one critical blind spot: they say little about how users actually feel about their IT experiences.

This is where Experience-Level Agreements (XLAs) and Digital Employee Experience (DEX) fill in the rest of the picture. They provide a new paradigm that's rapidly gaining traction, promising to transform ITSM by focusing on the human experience behind the numbers.

But what exactly are XLAs and how do they differ from traditional SLAs? Moreover, how does Digital Employee Experience factor into successful XLAs?

What are XLAs?

Experience-Level Agreements are a set of metrics and commitments designed to ensure that the end-user experience is consistently positive and meets (or exceeds) expectations.

While you should use XLAs and traditional SLAs in tandem, the latter focuses on technical performance and uptime. XLAs prioritise the user's overall experience, including factors like ease of use, responsiveness and emotional satisfaction.

By focusing on the user's perspective, XLAs help organisations align their services with user needs, driving satisfaction and loyalty.

Understanding how SLA, XLA and DEX work together

XLAs, SLAs and DEX work in tandem to provide you with a 360-degree view of your technical and user experience metrics.

	Description	Example metrics
Service-Level Agreements (SLAs)	A contractual agreement between service providers and customers that define the expected service quality, availability and responsiveness. SLAs focus on technical metrics.	Uptimes. Response times. Resolution rates. Etc.
Experience-Level Agreements (XLAs)	A contractual agreement between providers and customers that focuses on end-user experience, measuring the quality of service from the user's perspective. XLAs include not just technical performance, but also factors like usability, accessibility and overall satisfaction.	End user satisfaction score. Net promotor score (NPS). Digital experience score (DEX).

Unlike SLAs and XLAs, Digital Employee Experience (DEX) is not another type of agreement. DEX refers to the quality of digital experiences employees have while performing their job functions. It encompasses the technology, tools and digital environments they interact with daily.

Based on their experiences across these tools and environments, a DEX score is created (which is measured as part of the XLA). A positive DEX is crucial for employee productivity, engagement and overall job satisfaction.

How DEX enables successful XLAs

Digital experience analytics are an important metric in the success of XLA's. By ensuring that employees have a positive digital experience, organisations:

Improve productivity — When employees can work efficiently and effectively, they're more likely to deliver excellent service to customers.
Enhance customer experience — A positive DEX often translates to a better customer experience, as employees are better equipped to meet customer needs.
Drive business outcomes — By focusing on DEX, organisations can drive business outcomes, such as increased revenue, reduced costs and improved competitiveness.

Best practices for implementing XLAs

Implementing XLAs requires a careful, strategic approach to ensure that you not only measure user satisfaction effectively, but also drive meaningful improvements in service delivery.

By following the best practices below, organisations can successfully integrate XLAs into their operations and foster a culture centred on positive user experiences.

Define clear user experience metrics: Identify the key metrics that you will use to measure user experience. These should be specific, measurable, and aligned with business goals.
Leverage technology: Use advanced analytics, AI and machine learning to gather and analyse user data. These tools can help identify trends and areas for improvement. DEX tools enable you to gather and measure your IT experience across devices, users and the organisation.
Engage users: Regularly collect feedback from users through surveys, feedback forms and testing. This provides valuable insights into their needs and preferences. Ensure that surveys utilise AI to identify and highlight sentiment.
Train and empower IT teams: Train your IT teams in user experience principles and give them the autonomy to make decisions that improve the user experience.
Continuous improvement: Treat XLAs as a living document. Review it regularly and update it based on user feedback and changing business needs.

Challenges and lessons learned

Implementing XLAs isn’t just about new tools — it's a mindset/cultural change. Common hurdles include:

Defining experience — What counts as a “good” experience? It can be subjective and varies across roles.
Cultural buy-in — XLAs need sponsorship from leadership and buy-in from front-line IT teams.
Continuous improvement — XLAs aren’t static. They require regular review and recalibration as user needs evolve.
More than surveys — Surveys are just one method of measurement. Ensure that DEX tools are enabled to capture real technology metrics.

Organisations leading the XLA charge invest in regular feedback loops, co-design goals with business units and link experience outcomes directly to ITSM performance reviews.

The future: Why XLAs matter

In practice, XLAs and DEX are more than buzzwords — they’re the next evolution of service management. As technology becomes ever more entwined with business success, experience is the product. IT teams empowered by XLAs move beyond “keeping the lights on" to driving employee engagement, customer loyalty and strategic differentiation.

For any organisation focused on ITSM transformation, embracing XLAs means listening harder, acting faster and thinking bigger about the real purpose of technology: enabling people to do their best work.

Read the Digital Experience Report to understand how DEX impacts productivity, satisfaction and retention.

AI-Driven IT Cost Management: Aligning Spend with Strategic Value

Wed, 22 Oct 2025 13:00:01 Z

Optimising IT costs is now the top priority for IT teams, according to Ivanti’s 2025 Technology at Work Report. Our survey found that cost optimization was cited as a critical strategic goal for 2025, outranking improving cybersecurity, investing in infrastructure and deploying AI / ML technology.

However, despite many organisations viewing AI and automation in terms of short-term operational improvements, many organisations haven't yet tapped into AI’s full potential to transform how IT manages, predicts and optimises costs.

It’s clear that IT teams are already bullish on AI's value in everyday operations. IT is currently leading the charge in AI implementation, with 36% of IT teams using generative AI, according to McKinsey research from March 2025 — more than any other function.

While IT teams regularly use AI for coding, support tickets and other day-to-day work, many organisations don’t see beyond these short-term efficiency gains. Too often IT leaders overlook AI's untapped potential for enterprise-wide optimization.

This shift from incremental productivity gains to strategic cost optimization frees resources and grants IT leaders the flexibility to focus on innovation, long-term transformation and consistent alignment of operations with fast-evolving business strategy.

With CIOs under mounting pressure to “do more with less,” AI-driven IT cost optimization has the power to reduce wasteful IT spending, justify investments and deliver strategic value across the entire organisation.

However, before this transformation can happen, companies must first understand the biggest sources of inefficient spending and identify the most valuable areas where they can use AI capabilities to better allocate resources and make the most of their IT budget.

Major barriers to IT cost optimization

Cost management challenges are systemic. Inefficient IT spending results from compounding breakdowns across systems, processes and leadership structures. More than half of IT professionals said that wasteful IT spending was a significant problem at their organisation, according to 2025 Ivanti research.

Wasteful IT spend is especially egregious in high-complexity sectors like telecoms and government, where legacy systems and sprawling vendor relationships make it difficult to track and control spend. These sectors face greater pressure to cut costs, as unchecked waste limits their ability to fund strategic initiatives and modernise critical infrastructure.

Monthly vendor reviews, quarterly budget reconciliations and annual contract negotiations struggle to keep pace with today's dynamic IT landscape. Organisational cloud spend can spike overnight, and tech complexity compounds rapidly due to decentralised procurement, shadow IT and poor asset visibility. For instance, 38% of IT professionals Ivanti surveyed pointed to “tech complexity” as a major barrier to effective IT operations.

Looking toward the future of AI-powered ITOps, many IT professionals recognise AI's transformative potential to meet these challenges and eliminate unnecessary spending.

AI and machine learning for predictive cost management

Manual cost reviews alone are backward-looking, labour-intensive and prone to human error. Human oversight alone cannot recognise and analyse patterns that emerge through large-scale AI data analysis. AI-powered cost management flips the script. Instead of reporting overspending after it happens, AI predictive analysis can detect potential anomalies and provide organisations with accurate budget forecasting to avoid redundant, unnecessary spending. AI can also surface redundant tools, highlight lifecycle costs and flag spending anomalies that human reviews would likely miss.

Consider this scenario: you can use AI to analyse your IT asset management data to uncover shelfware and unused software licences, or to mine support tickets for patterns showing when certain device types typically begin to fail. Those insights can inform smarter replacement cycles, reduce downtime and ensure you only pay for what you actually use.

The speed difference is dramatic. Organisations using AI-driven cost optimization are seeing measurable reductions in operational expenses, while others are still compiling last quarter's reports on spreadsheets.

Real-time visibility consistently outperforms reactive reviews. When you can predict and prevent waste instead of just documenting it, that's when IT shifts from expense management to strategic value creation.

AI cloud cost management and resource management

Cloud environments are the single largest source of budget variance and waste. Nearly nine in 10 (88%) of organizations see significant variance between actual spend and forecasted spend, and only 30% know where their cloud budget is going, according to CloudZero’s State of Cloud Costs in 2024.

Ivanti’s own findings expand on these IT resource management challenges:

39% of IT professionals cited outdated hardware as a considerable source of wasteful spend.
Outdated, unused and expired software is also a major factor, with nearly one in three (31%) IT professionals reporting their organisations don't track unused or underused software licences.
Even more concerning, 48% of IT teams reported that their companies use software that’s reached end of life (EOL).

The combination of multi-cloud environments, unpredictable usage over time, complex and multilateral pricing within the same services and drastically varied costs makes the need for AI and automation clear.

AI-enabled technology can help cut through this complexity. AI solutions can proactively identify underutilised software licences, over-provisioned cloud resources and redundant applications across environments that'd take human analysts weeks to map.

What’s more, AI combined with ITSM automation can suggest resolutions to inefficient IT spending through intelligent recommendations for rightsizing and deprovisioning. Leading CIOs use strategic IT cost management to fund high-impact initiatives, and AI automation makes this achievable at scale.

Software license optimization delivers significant returns. AI tracks actual software usage against entitlements, identifies downgrade opportunities and predicts future needs based on growth patterns. Organisations pay for what they use, not what they purchased months ago.

AI’s impact on streamlining IT processes

While AI adoption increases among IT teams, its cost optimization impacts aren't yet as widespread as basic use cases like predictive maintenance and automating routine self-service tasks — both popular, according to Ivanti research.

Delayed widespread AI adoption in ITOps prevents organisations from reaping the long-term financial benefits and opportunities for strategic business growth. IT automation solutions can reduce operational costs by up to 90%. The technology handles ticket triage and automates incident response while predicting system failures and managing routine maintenance.

AI elevates IT operations, and the impacts are felt across the entire business. Asset performance monitoring becomes intelligent and proactive. Instead of static thresholds and scheduled checks, AI systems continuously analyse performance data, predict hardware failures and optimise maintenance schedules.

This prevents both downtime costs and unnecessary replacement spending. Process automation also frees IT time, reducing costs from human error: manual misconfigurations, missed patches and delayed responses caused by limited resources.

How AI empowers IT to deliver strategic value

IT cost management isn't the endgame. It's the starting point for strategic transformation. AI enables companies to optimize costs at scale while freeing up budgets for growth investments.

Organisations embracing AI for cost management are repositioning how their businesses view and leverage technology. When every investment must justify its existence, AI enables IT leaders to become architects of value, not just managers of expense by cutting costs and creating value. AI promotes agile resource allocation. When wasteful costs are eliminated proactively, IT executives gain flexibility to fund emerging opportunities and respond to changing business priorities.

Visibility is equally important in transforming IT into a strategic business driver. AI provides the data and insights needed to quantify IT's business value. When investments are tracked and tied to business outcomes, CIOs can demonstrate the true ROI of the IT department and secure strategic support.

The real transformation happens when IT moves from reactive expense control to proactive value creation. AI-optimised IT operations have become the foundation for innovation, enabling teams to experiment and deliver competitive advantages.

To learn more about the major challenges contributing to wasteful IT spending and how AI and automation can help IT teams boost efficiency, improve asset visibility and optimise IT cost management, see Ivanti’s 2025 Technology at Work Report.

Your Windows 11 Migration Is Looming – but There’s a Bot for That

Mon, 28 Jul 2025 19:31:10 Z

I recently spoke with a CIO who had committed a large amount of IT resources to manually migrating computers from Windows 10 to Windows 11. The process required months of planning, device assessments, compatibility testing and hands-on coordination to avoid disruptions to day-to-day business operations. While their dedication ensured their rollout was on track for the looming Windows 11 end-of-support date, it highlighted the strain such projects place on internal teams.

My conversation with this CIO isn’t unique. Before becoming an Account Technology Strategist here at Ivanti, I worked in various roles in IT support and still bear the scars of the Windows XP to Windows 7 migration. I also spent years helping organisations plan, execute and troubleshoot OS upgrades — often under tight timelines, with limited resources.

Automation is key to any major upgrade project. It improves overall IT efficiency, reducing labour costs and human errors. In this blog, I’ll show you how you can use automation in your Windows 11 migration and where Ivanti Neurons bots can help.

Assess the fleet

Before starting any project, asset discovery is key: you can’t upgrade something you don’t know exists or isn’t really there. One Ivanti customer discovered that they had 30% more assets than they expected on their network! This echoes a study from Gartner that found 30% of IT fixed assets are "ghost" assets, or missing and can't be found, which further complicates the task.

Data that exists outside of the device, such as device warranty, is important too. Perhaps upgrading a device with three months’ warranty left isn’t really worth it — it may be replaced through a refresh cycle soon anyway, leaving more disruption for users.

A step you can automate is evaluating whether each device meets Microsoft’s minimum hardware requirements, which you can do in Ivanti Neurons using the Windows 11 Upgrade bot. Then, devices that don’t meet the necessary criteria can be flagged with an automatic ticket in your service or asset management solution. This helps provide the right data to IT-adjacent teams like Procurement for financial planning and purchasing new hardware.

Create a baseline for end-user experience

Creating a baseline helps IT measure the impact of the upgrade, identify potential areas of improvement to review post-upgrade and ensure that the new operating system meets or exceeds current performance levels. It also provides a point of reference for troubleshooting should any issues arise post-upgrade. This data is gold dust for the service desk team, who will be on hand to support users.

One way to create a baseline is with a DEX, or digital experience, score (which you can do in Ivanti Neurons). This quantifies the quality of an employee’s digital experience by aggregating data from various indicators like CPU usage, memory performance, application crashes, disc space and battery health. For example, excessive CPU usage or frequent application crashes can lower the score, while optimal performance in these areas contributes to a higher score. Sentiment analysis of service management incidents can also provide qualitative data that impacts the DEX score.

Surveying the end user bolsters telemetry-based metrics in the DEX score. Surveys provide IT with an early indicator of problems — but you can’t ask too many questions before the end user hits the dreaded mute button! A simple emoji response via Microsoft Teams gives you an empirical response, and a free text field gets user sentiment feedback.

So how do you analyse the data at scale? Feeding these insights into AI for sentiment analysis lets you interpret the tone and emotion to detect frustration or satisfaction levels.

One big takeaway from any migration is its impacts on end users. IT should want the end user to feel part of the process, if not own it!

Put the user at the centre of the W11 migration

At this stage, we have devices suitable to upgrade and know our baseline. Now it’s time to interact with the end user.

IT leaders are all too aware of the potential impact that changes like system upgrades or new software deployments can have on end users, but this awareness doesn’t always translate into action. In the push to beat pending deadlines like Windows 10 End of Support, user experience considerations can be overlooked, leading to disruptions, frustration (reduced CSAT) or decreased productivity.

You can use automation, like the Windows 11 Upgrade bot, to keep the user in the loop, providing them a reason for the change and allowing them to schedule the upgrade at a convenient time.

Validate changes with end users

When changes like system updates are made to their computers, end users often face disruptions to their familiar workflows. A major change like upgrading to Windows 11 can lead to confusion, reduced productivity and frustration, especially if the upgrade was unexpected or poorly communicated. Users may struggle to find previously accessible features, encounter compatibility issues, or experience slower performance, all of which can create a sense of being unsupported.

Surveys have shown that knowledge workers experience such issues 3–4 times per day and often don’t raise support cases. A bot like the Ivanti Neurons Survey bot can be used here, capturing end user sentiment and feedback. So far, automation has done much of the hard work in your Windows 11 migration, but there will always be humans … as it stands anyway! A survey offers an opportunity to bring a human into the loop where applicable.

Software updates – and more! – with Ivanti Neurons bots

So, you’ve read a little of how the Windows 11 bot works. This is just one use case for an Ivanti Neurons bot. The same principles can also apply to major upgrades of any software, but also to a wide array of automation use cases on devices:

Reduce IT operational costs by automating manual steps.
Limit opportunities to introduce human error through manual processes.
Ensure the user is engaged and, crucially, happy with the process and their new operating system.

Neurons bots help IT teams proactively identify, diagnose, and resolve issues across endpoints and devices, often before users even notice the problem. Bots communicate with devices in real time, run queries and perform actions to keep systems healthy and secure.

You can check out some of the ways our bots help automate, accelerate and enhance IT operations, freeing up time for you to work on what matters, by visiting the Bot Library.

Is Your ITSM Environment Ready for Agentic AI? Probably Not (Yet)

Wed, 16 Jul 2025 16:01:36 Z

Agentic AI is making waves across various industries, and its potential to transform ITSM is undeniable. With all the talk about agentic AI capabilities, you are probably daydreaming about streamlining ITSM processes through automated incident management, automated change risk analysis, improved efficiency through service desk automation, or enhanced service quality with predictive maintenance. But you also may start to wonder: How real is all of this? Is my organisation truly ready for agentic AI?

I would suggest that for most organisations, the answer is no!

Don't get me wrong; organisations are listening to the conversation and are keen on the potential long-term benefits. And some may indeed be ready for to implement agentic AI properly.

Ambitious, but underprepared: why most organisations aren’t ready for agentic AI

The reason I doubt that organisations are adequately prepared is that for agentic AI to function optimally, you require good clean data, seamlessly automated workflows that are well defined, and comprehensive flexible integration across all systems intended for agentic AI operations.

We see the importance of clean, integrated data in the acquisition of data management companies by other tech vendors, notably Salesforce and Informatica. Reconciled, normalised data gives AI agents the best possible intelligence to work with so they can provide the best outcomes and most accurate information.

You should always consider: How will AI agents benefit you and your organisation? Can your journey to autonomous work be achieved through workflows? Even Anthropic, a leader in the AI space talks about using the simplest solution possible and only implementing AI agents for complex requirements. In some cases, agents are not only more costly but also less efficient than pre-built workflows.

Preparation today, agentic AI tomorrow

As you consider pursuing agentic AI, there are several factors to examine. With planning and preparation, you can be successful, and this checklist will help guide you on your journey.

Planning

When you start your journey to agentic AI, clearly outline your goals for introducing agentic AI into your service management environment while ensuring that they align with your overall organisation's goals. Some common objectives are:

Reduce the workload on IT staff by automating repetitive and time-consuming tasks.
Improve the speed and accuracy of incident resolution.
Enhance the end-user experience with seamless automated request fulfilment.

With your goals defined, what does success look like, and how will you measure it? These will vary based on your expectations and defined goals, but some common metrics could be:

% of tasks successfully automated by AI.
Decrease in errors within tasks handled by AI compared to manual tasks.
User satisfaction score (CSAT).
% of users opting for AI-driven self-service solutions.
Reduction in the average cost of resolving a ticket with AI.
% of incidents escalated to human agents after AI intervention.

Related content: AITSM: How AI Is Redefining IT Service Desk Automation, part of Ivanti’s Digital Employee Experience Research Report Series

Data preparation

Within the context of service management, there are many sources of data that may be required, including sources that are purely ITSM-related, such as a CMDB or asset repository. As you move towards the wider enterprise, you may also need data from CRM, HR, facilities, finance or other departments.

Regardless of where you are getting the data from, you need to consider the following:

Is your data quality reliable? Is the data consistent? How accurate is the information? Is there a more trusted source (or master) that should be considered as the default? Often data is inconsistent across multiple systems, making it harder for an AI agent to make well-informed decisions.
How accessible is your data? How many different data sources are there, and will integration via APIs be required? Are the data sources up to date?
Is your CMDB ready to be used by agentic AI? Do you have critical CIs in your CMDB, and more importantly, how up to date are the relationships and the information?
Are you required to adhere to data privacy compliance? Do you need to adhere to data protection regulations such as GDPR, CCPA or others? It is possible that regulations may demand that you anonymize sensitive data and keep it within country.

Defined workflows and automation

Not only is having high-quality data vital, but having good, functioning workflows to drive tasks is a critical component of successful agentic AI. In some cases, your existing workflows can be repurposed for use within an agentic AI process; however, some workflows will need to be modified to meet the request/response requirements of an AI agent.

Some things to consider for workflows:

Are your workflows able to be used by AI agents? Your existing workflows may not be structured in the most effective way for AI agents to utilise the entire workflow to deliver accurate results.
Will the workflows only be working with data within your organisations, or will it need to access external data sources? When accessing external data sources, what security measures are in place to ensure the security and accuracy of the data within the responses?
Ensure all agent AI and related workflows have audit trails enabled, so you can log and monitor AI actions and decisions. This ensures the correctness of the AI and can be used in the event of compliance or security issues.

Governance and compliance

Earlier we discussed compliance requirements for data and the need to meet regulatory or statutory requirements. Governance and compliance must also apply to the entire AI ecosystem within your organisation to deliver responsible, secure and trusted responses and actions.

Here are a few things to consider:

Define policies for how AI is to be used within your organisation and assign people or teams who are accountable for protecting the data and evaluating ethical considerations.
Ensure that regulatory or statutory compliance standards are understood across the entire AI workflow and met. For example, if an AI agent requires access to health-related data and data collected from European users, then you would need to consider both HIPAA and GDPR.
Identify potential risks throughout your environment and meticulously mitigate those linked with the AI deployment.

Testing and validation

Start your journey to agentic AI in a controlled environment. Set up a pilot programme to test the functionality, ensuring you measure against your goals and gather feedback from users. It is important to have a continuous improvement programme in place for adjustments and enhancements. Be patient, as good results may take time as the AI learns and adjusts. Always monitor and adjust as required and define a process for handling issues or failures.

Agentic AI is an evolution, not a revolution

Discussion around AI is everywhere, and while there is a lot of interest from organisations, many are still rightly cautious about how to proceed and what is best for their organisation. As we have seen over the last few years, AI has progressed very quickly from generative to agentic. Keeping up with emerging technologies and planning for future enhancements is vital.

Ivanti is well positioned with AI capabilities that can enable you to grow. Find out more about what Ivanti can offer for your AI journey.

How CIOs Can Optimise IT Costs and Eliminate Wasteful Spending

Mon, 23 Jun 2025 19:20:25 Z

When operating in healthy economic environments, business teams are often allowed greater rein to explore how budgets can be allocated. But when times become tough due to geopolitical tensions, global tariffs, tech disruptions, layoffs, restructurings and rising tech costs, there is greater pressure on CIOs to minimise wasteful spending and prove the value of their IT investments — ensuring a louder bang for their buck.

In all this, leaders and CIOs are pressured to “do more with less” – including growing scrutiny over how IT dollars are allocated and justified. Being able to measure and communicate the ROI of IT initiatives to stakeholders becomes more important than ever. The paradox of rising expectations paired with reduced resources is the new normal.

This is especially true in the public and federal sectors, where proposed cuts to CISA and tech security budgets by the US federal government adds to already heightened pressures to align with accountability, regulatory guidelines and compliance.

Ivanti’s 2025 Technology at Work Report reported that more than half (58%) of IT professionals say wasteful IT spending is a problem in their organisation. Tech sprawl, scope creep, limited asset visibility, siloed teams and redundant operations represent poor IT cost management practices which drain resources that could be committed to strategic innovation.

Today’s reality is that CIOs are working with less budget across the board. As such, they must focus their energy on finding and reducing inefficiencies in their current spending. But more so, IT cost optimization is shifting from reactive operations to a strategic, future-facing imperative. Leaders are becoming more strategic and targeted with their investments and creating room to fund the initiatives that drive long-term business value.

IT cost optimization is a top priority

Ivanti’s report finds that IT cost optimization is a top priority for enterprise IT teams this year – but at the expense of investment in IT infrastructure and AI / ML. This aligns with trends across industries: CIOs are simply facing increased executive and board-level scrutiny as budget approvals become more centralised and return on spend must be proven faster than ever.

Additionally, Gartner’s 2025 CIO Agenda report finds that only 48% of enterprise-wide digital initiatives meet or exceed their business outcome targets – that means there’s plenty of room for improvement. This is prompting forward-thinking CIOs to rethink IT budgeting not just as an optimization exercise, but also as a strategic reallocation of resources.

IT leaders are looking at ways to tighten spending in some areas to allow for transformation in others and demonstrating measurable business outcomes of their initiatives. While budget cuts are never an easy time for organisations, the need for IT cost optimization could be an opportunity to generate fuel for growth.

Top causes of inefficient IT spending

Inefficient IT spending is often the result of compounding breakdowns across systems, processes and leadership structures. CIOs looking to optimise their budgets must first identify spending redundancies, inefficiencies and misalignments in their current tech stack and processes. Below, we explore top culprits behind IT budget bloat and how each contributes to mounting costs and diminished returns.

Poor asset visibility

Lack of visibility into endpoints, devices and SaaS assets leads to overspend and blind spots. This is compounded by the expansion of attack surfaces as organisations’ external and internal assets continue to grow — oftentimes with unknown or unmanaged visibility gaps.

This is backed by Ivanti’s Tech at Work research, Device and licence usage is tracked by just 38% of IT teams, and only 36% track device performance / health.

Complicating matters further is shadow IT. Unknown and unmanaged use of devices and applications often results in duplicate existing capabilities or go entirely unused, leading to avoidable spend and potential compliance issues.

Even sanctioned tools lack oversight without standardised IT asset management practices, making it hard to enforce usage policies, track renewals or manage the asset lifecycle efficiently. Many opportunities are then missed to reduce spending through consolidation or retirement of redundant tools

Tech sprawl and cloud sprawl

Duplicate tools drain resources and fragment the tech stack without adding performance. This adds both cost and complexity to the IT ecosystem. And inaccurate forecasting and poor usage monitoring inflate cloud spend.

Organisations are often challenged by frequent “swivel chairing” – where employees switch between disconnected tools which leads to wasted time and diminished productivity. For example, an IT support agent might bounce between a ticketing system, an asset management database, a separate knowledge base and a communication platform – copying information between them just to resolve a single issue.

Technical debt

Without regular vendor audits, redundant or underperforming tools overstay their welcome and legacy systems linger. These drain resources and diminish returns.

Finally, a lack of integration across overlapping tools contributes to siloed team processes, slower response times and inconsistent or incomplete data. When systems and processes aren’t fully integrated, it’s easy for efforts to be misaligned.

Inefficient processes

Inefficient processes in IT workflows can also be a major budget leech. A good portion of standard IT work can be automated, yet isn’t – leading to talented IT workers spending time on easily optimizable workflows including manual ticketing and patching, at the expense of higher-level strategic initiatives. A study cited in CIO found that the average large enterprise lost an estimated $104 million to digital inefficiencies, leading to shadow IT solutions which only augment the above-listed causes of avoidable spend.

Another process drag comes from siloed work and poorly integrated systems. When teams don’t have a unified platform or standardised protocols, work is duplicated and fixes are delayed. Ivanti’s 2025 research reported that 37% of IT teams reported that organisational silos reduced collaboration within their company – and 40% of IT professionals said that these silos hamper IT efficiency.

Moreover, current IT talent shortages augment an already challenging environment. Understaffed teams have to prioritise day-to-day firefighting, leaving little room for other, higher-level work.

Poor leadership visibility

A major overarching factor in IT efficiency and wasteful spending is lack of visibility with other executive leaders. The 2025 Tech a Work Report revealed that 57% percent of IT professionals felt that their company leadership did not have high visibility into IT efficiency (or lack of efficiency).

This lack of collaboration with leadership often leads to misaligned investments that don’t meaningfully contribute to actual growth. This worsens when budgeting is disconnected from KPIs and OKRs. When the ties to business outcomes aren’t clear, CIOs can’t justify their investment choices or show the real impact of their team’s work.

Fast-paced demands from above without consultation can often push IT leaders to sacrifice long-term stability for short-term speed. And skipping testing and documentation undermines system stability and invites costly breakdowns. This prioritisation of operational efficiency over strategic longer-term business impact is a symptom of poor alignment.

Federal and public sector CIOs face unique challenges

Across the board, IT leaders are encountering shrinking resources and growing accountability – from healthcare systems to financial services to manufacturing. But, as mentioned above, public sector CIOs operate in a more rigid and scrutinised environment than their private sector peers.

While private enterprises face similar challenges, public sector IT budget management is usually fastened to annual fiscal cycles, necessitating longer-term decisions and restricting agility. Heightened procurement, compliance and regulatory frameworks bring additional constraints.

Fragmented ecosystems are an issue here as well. This is highlighted in Deloitte’s Government Trends 2024 report. Government bodies struggle with limited understanding of the real value that IT brings and the challenge is that ROI is harder to prove in these environments due to complex procurement processes and strict compliance needs – not due to lack of effort or intention from IT leaders.

Budget constraints are tightening even further, and audits are steadily increasing. CIOs in the public sector must demonstrate cost control and operational efficiency even more diligently than their private-sector peers. Transparent, strategic IT cost optimization frameworks are no longer an option – they’re required.

A strategic approach to IT cost optimization

It’s time to fully embrace a cost-efficient resolution with an actionable playbook. Addressing IT spending is more than cutting costs; it entails a deeper look at how IT integrates with overall business strategy. In doing this, CIOs must align IT with higher-level goals, uncover the right data to inform decisions and clearly measure outcomes.

Every investment must have a specific impact. A smart IT investment strategy ties spending to results – in increased revenue, more efficient processes, better user experience and bigger-picture thinking. The objective is to move from simple cost-cutting to intentional, strategic allocation of resources.

The result is a modernised budgeting model that’s aligned with business and driven by real-time data focusing on actual return on investment. Where does tech drive performance? Where does it drag? Where can automation be applied?

Start by focusing on these actionable steps:

Manage and monitor IT assets

Establish full lifecycle visibility into hardware, software and endpoints by implementing centralised IT asset management solutions. Effective IT asset management will allow teams to better consolidate asset data across the overall environment and standardise how assets are discovered, tracked and retired. Real-time monitoring, supported by AI and automation, enables teams to identify underused assets, reduce redundant purchases, remove bottlenecks and proactively manage renewals.

By integrating ITAM with service management and configuration databases (CMDBs), leaders can gain a holistic view of asset performance and compliance and minimise security risk and improve budget control.

Streamline IT workflows with AI and automation

Manual, repetitive work can be readily automated using AI and other technologies. Identify where steps can be automated across service management, endpoint provisioning and patching. AITSM capabilities have been proven to improve ticketing, detect anomalies and continuously monitor device performance and health in a faster and more complete way than human oversight alone.

There are also cases where an IT team may already possess these tools but aren’t utilising their full capabilities due to poor visibility, tech sprawl or lack of standardised IT asset management. Conducting an inventory of all assets and identifying redundancies and inefficiencies then frees up valuable resources for other, higher-level priorities that tie back to impact and ROI.

Define and measure IT business value

IT cost management requires quantifying how IT actually contributes to the overall business. Start by tracking real outcomes, including revenue growth tied to technology investments, risk mitigation efforts (ticket resolution, patches, thwarted attacks) and tracking the digital experience of customers and employees.

Improve collaboration and communication with executive leadership

When IT investment strategy is cross-functional and clearly linked to business performance, executive buy-in follows. IT leaders cannot operate in a vacuum, let alone optimise in one. They must define and own measurable KPIs that show the ROI of their investments, be it AI, automation or cloud modernization. And CIOs should proactively set performance benchmarks tied directly to business outcomes. When leaders translate IT strategy into the language of business value, CIOs can shift the perception of IT from a cost centre to a cost enabler and make stronger cases to executive leadership and the board.

Aligning IT spend and strategy

IT cost optimization isn’t just about trimming fat. The long game of optimising IT efficiency is in building a smarter, more responsive and more valuable IT function that’s recognised as crucial to business outcomes. CIOs who tackle inefficiencies head-on implement more streamlined processes, reallocate budgets and deliver greater ROI for their spend will strengthen their strategic position in their organisation.

In circumstances where every dollar spent must justify its existence in spades, taking actionable steps to cut down on IT waste and shifting mindsets from reactive cost-cutting to smarter, targeted investments transforms IT departments into an active value generator, even in times of disruption and uncertainty.

For deeper insights into the root causes of IT budget inefficiencies and how to fix them, check out Ivanti’s 2025 Technology at Work Report: Reshaping Flexible Work.

How to Safeguard Healthcare Data in ITSM: Ivanti and Protecto

Mon, 02 Jun 2025 17:00:31 Z

The healthcare sector, perhaps more than any other, needs to scrutinise the balance between data utility and data privacy. Healthcare organisations must manage large amounts of sensitive data while complying with stringent regulations such as the Health Insurance Portability and Accountability Act (HIPAA). For IT teams seeking to implement AI-augmented service management, that responsibility weighs heavily.

A notable recent incident involved over four million customers affected by a data breach at Blue Cross Blue Shield, where Google Analytics had been configured in a manner that allowed member data to be shared with Google Ads, likely including protected health information.

Forward-looking IT leaders want to take advantage of advanced IT service management capabilities to improve operational efficiency, including emerging AI applications. But to avoid becoming the latest headline, they also need the highest standards of data protection. In this article, we’ll go into how Ivanti integrates with Protecto to do just that.

Where healthcare compliance and AI intersect

The myriad regulations that healthcare organisations must follow (HIPAA, GDPR, CCPA and others) are designed to protect patient data and ensure that it is handled securely and ethically. Data security and privacy are fundamental aspects of patient trust, and noncompliance can result in significant fines and legal actions.

At the same time, AI and ML technologies require access to large datasets – data that may include sensitive information that is subject to these stringent requirements. To add another layer of complexity, healthcare organisations are often large and complex, with multiple departments and locations, which means any data privacy solutions need to be able to scale without compromising performance.

Healthcare requirements for ITSM

IT organisations that want to take advantage of advanced ITSM use cases without fear of compromising data privacy have specific requirements – requirements that the integration between Ivanti Neurons for ITSM and Protecto deliver.

Data masking

Intelligent data masking identifies and masks sensitive information such as PII and PHI. This lets AI agents operate on data without exposing sensitive elements, preventing data leaks and reducing misuse. Additionally, data masking ensures that the context and utility of the information remain intact, enabling effective analysis and decision-making.

Role-based access controls

Role-based access controls and policy-driven unmasking ensure data is only accessed by authorised users with appropriate roles. Only users with the necessary permissions can access or unmask sensitive data.

Audit trails

To comply with regulations, healthcare organisations need a comprehensive audit trail of how sensitive data is accessed, used and protected. Detailed logs simplify compliance workflows and support regulatory audits.

Seamless integration

Protecto integrates with Ivanti APIs, which allows existing processes to remain uninterrupted – and for IT teams to deliver the best possible service – adding a layer of protection without disrupting operations.

Scale

A single instance of Protecto can support over 3,000 tenants, safeguarding the data of millions of users. It can handle large-scale deployments while maintaining operational resilience, making it a reliable choice for AI initiatives.

Ivanti and Protecto’s partnership

The partnership between Ivanti and Protecto brings immense value to Ivanti customers in highly regulated sectors with heightened data privacy concerns.

Already available features such as custom masking policies, on-premises and private cloud alternatives, and improved audit logs and reports ensure customers can meet compliance requirements with confidence.

Our commitment to research and development in AI, machine learning and data protection mean customers will always be at the forefront of managing large-scale datasets.
Our work with healthcare organisations, regulatory bodies and technology partners helps customers put in place practical data protection solutions without compromising IT efficiency.

Combining Ivanti Neurons for ITSM with advanced data security and privacy features ensures that our customers’ ITSM operations are both efficient and compliant with the most stringent guidelines, whether they’re in the healthcare industry or any other highly regulated field.

Ivanti’s partner ecosystem

Ivanti works with a wide range of technology partners like Protecto to help customers make the most of their investment in Ivanti solutions. To learn more, visit the Ivanti Partner Markeplace.

The Hidden Gems of ITSM: Features That Matter Most

Fri, 28 Mar 2025 12:34:36 Z

Service management doesn't have to just be a buzzword. It can be a foundation of efficient operations where IT Service Management (ITSM) plays a crucial role in keeping businesses running smoothly. But what truly sets exceptional ITSM apart from the rest? It’s not just about having a sleek user interface — it’s about the powerful features and functionalities that operate beneath the surface, improving user satisfaction and driving operational excellence. From automated incident management to self-healing capabilities, the true power of ITSM lies in its ability to anticipate and resolve issues before they become problems.

The power underneath: what truly matters

Beneath the surface of sleek interfaces and user-friendly designs lies what makes service management indispensable. While a polished UI can improve the user experience, it’s the underlying functionality and efficiency that determines the success of any service management system.

For employees, it’s the speed and effectiveness with which their requests are handled that matters. When an employee submits a request, they expect it to be actioned and resolved quickly. Delays lead to frustration and a decline in productivity, which ripples through the entire organisation.

Employees also highly value transparency and communication. They expect to be informed of the status of their requests and any potential delays. By providing regular updates and maintaining clear lines of communication, IT teams can significantly improve satisfaction and trust in the service management process.

For IT professionals, the stakes are equally high. They need the right solutions to efficiently address and resolve issues. The ability to handle incidents at the initial level, often referred to as Level 0 support, is crucial. This means resolving simple issues quickly without escalating them, which can drastically reduce the number of tickets that need to be managed.

In the end, the true test of employee satisfaction with the service management system is in the results it produces. The speed and efficacy with which issues are resolved, the quality of communication received, and the overall impact on their day-to-day productivity are key metrics.

Beyond the Flashy UI: The Core Capabilities of Service Management

The underlying architecture and processes are what actually make service management strong. At the heart of any good service management solution is the ability to streamline workflows, which can greatly increase efficiency. When processes are optimised, teams can focus on more important work, reducing the time and effort spent on mundane, repetitive tasks. This not only increases productivity, but also ensures that the IT department can respond more effectively to the needs of the business.

Automated incident management is another critical component that often goes unnoticed. By automating the detection and resolution of issues, organisations can drastically reduce response times. These self-healing capabilities are a game-changer in modern service management. Ensuring that problems are identified and remediated before users even log them, leading to higher user satisfaction. Additionally, users are less likely to experience disruptions, and when issues do arise, they are resolved quickly and efficiently. This proactive approach not only improves the user experience but also helps in maintaining a positive perception of the IT department.

Integration capabilities are another essential aspect that often gets overlooked. A service management solution that seamlessly integrates with various enterprise applications and services ensures all components work in harmony. This eliminates silos and ensures that data flows smoothly across the organisation, improving overall operational efficiency.

However, it’s important to note that not all vendors deliver on their low-code/no-code promises. While many claim to offer these features, the reality often involves more coding than advertised. True low-code/no-code solutions should minimise the need for extensive coding, making it easier for IT teams to deploy and manage services without requiring deep technical expertise.

The digital employee experience is more than just surveys. It involves a comprehensive 360-degree view of how employees interact with various aspects of the service management system, including applications, security and devices. Proactively identifying and addressing issues across these areas can significantly improve the overall employee experience.

Features that make service management great

But what are the specific features that elevate service management from a mere tool to an indispensable solution? One of the most transformative features is automation. By automating routine tasks and ticket resolution processes, service management solutions can significantly improve user satisfaction while reducing the workload on IT teams.

Self-service portals are another game-changer. These portals empower users to resolve simple issues on their own, such as password resets or software installations, without needing to involve the IT department.

Advanced analytics are also crucial for modern service management. By providing deep insights into service performance and user behaviour, these analytics enable organisations to proactively address issues before they become major problems. For example, predictive analytics can identify patterns that may indicate an impending system failure, allowing IT teams to take preventive action.

Mobile access is also key. With the increasing mobility of the workforce, it’s essential that IT support is always available, no matter where users are. Mobile-friendly service management platforms enable users to submit tickets, track progress and receive updates on the go.

Finally, AI is increasingly becoming a crucial aspect of successful service management. AI-driven tools can automate more complex tasks, provide intelligent recommendations and even predict and resolve issues before users are even aware of them. However, it’s crucial that these AI systems are transparent and trustworthy, ensuring they operate ethically and in the best interests of the organisation and its users.

How Ivanti Helps

This is where Ivanti comes in. We provide a suite of solutions that not only make service management more efficient but also enhance the core aspects of service management. We do this through our AI-driven service management capabilities that make the service desk smarter, faster and more efficient. With AI-driven capabilities, we can summarise incidents and tickets, generate knowledge articles, classify incidents and even create dashboard widgets.

In today’s digital world, security is top of mind for all organisations. That’s why we’re the only ITSM vendor to have signed the Secure by Design pledge. We don’t just say we’re secure — we build security into our products.

Our robust security is complemented by our extensive enterprise integration capabilities. With over 1,000 connectors, our platform can seamlessly integrate with a wide range of third-party systems, both IT and non-IT. Our low-code/no-code approach, powered by the leading iPaaS platform, makes it easy to extend ITSM automation and workflow to external systems without requiring deep technical expertise.

In addition, we offer five out-of-the-box (OOTB) enterprise workflows for HR, facilities, project portfolio management (PPM), governance, risk, and compliance (GRC) and security operations. These aren't just templates — they're fully functional business objects that can be customised to meet your specific organisational needs.

The low-code visual editor is a powerful feature that allows organisations to build and modify workflows across all IT and non-IT processes. This capability allows for the creation of custom solutions that align with unique business requirements, minimising administrative effort and maximising productivity. The platform’s integrated DevOps capability, with OOTB bi-directional connectors for Jira, Azure DevOps, GitHub and Jenkins, extends this flexibility to DevSecOps.

One of the most innovative aspects of Ivanti’s platform is its self-healing capabilities. Proactive service management ensures that issues are identified and resolved before they impact users, significantly reducing mean time to resolution (MTTR). This proactive approach not only improves service quality but also improves the overall digital employee experience. Ivanti is the only ITSM vendor that measures the digital employee experience, providing insights into employee sentiment and the performance of devices, applications and security measures.

In a landscape of rapid technological change, Ivanti’s solutions offer the flexibility and security required to lead the pack. Through the power of advanced AI, resilient security and seamless integration, Ivanti equips organisations to deliver exceptional service and spearhead digital transformation with confidence.

Want to learn more? Check out our webinar, Beyond the Surface: Unveiling the True Power of ITSM, to take a fresh look and elevate your service management game to gain a competitive edge.

How AI can alleviate help desk workloads

Mon, 24 Feb 2025 16:46:45 Z

Republished with permission from CIO.com

The rising flood of trouble tickets is straining help desk operations. Yet many still rely on phone calls, outdated knowledge bases and manual processes. Unsurprisingly, this is leading to staff frustration and burnout, dissatisfied end users and persistent security vulnerabilities.

As many as 56% of IT workers say that help desk ticket volume is up, according to a survey by Ivanti. The reasons include more software deployments, network reliability problems, security incidents/outages and a rise in remote working.

Old solutions for new problems

Today’s burden is acute because help desks are responding to the same questions and problems in the same way. For many, the main channel of interaction with users is the telephone.

That means organisations are lacking a viable, accessible knowledge base that can be leveraged, says Alan Taylor, director of product management for Ivanti — and who managed enterprise help desks in the late 90s and early 2000s. “We end up in a cycle of constantly looking back at incomplete or poorly documented trouble tickets to find a solution.”

How AI can improve help desk workloads

AI can improve many help desk tasks. Yet Ivanti’s Everywhere Work Report found only 40% of respondents were using AI for ticket resolution, 35% for knowledge base management and only 31% for intelligent escalation. With AI, these activities can have a positive impact on help desk operations and end-user satisfaction. Organisations don’t need to overhaul major business processes to achieve these targeted results, says Taylor.

In fact, there are a number of steps organisations can take to successfully introduce AI to alleviate staff workload.

Start with a small pilot project. This could include automating a frequently asked question or ticket routing, to demonstrate the value of AI without overhauling processes. These pilot projects can be expanded as success is proven.
Prioritise automation of routine tasks. “AI can have a big impact here,” Taylor says. “Use AI to drive automation for repetitive, low-complexity tasks like ticket classification, prioritisation, and routing. This helps reduce manual effort and improves response times.”
Educate and train help desk analysts. A lot of organisations talk about AI and its benefits at a high level, notes Taylor. “But that rarely filters down to the help desk analysts taking end user calls.” Equip the team with the necessary training to work with AI tools. Ensuring they understand how to use the tools effectively will alleviate concerns and boost engagement.

Prioritise high-quality data

Effective AI is dependent on high quality data. “The number one help desk data issue is, without question, poorly documented resolutions,” says Taylor. “High quality documentation results in high quality data, which both human and artificial intelligence can exploit.” Upskilling help desk staff to create good documentation is a critical step in leveraging AI for improved operations.

Ivanti’s service automation offerings have incorporated AI and machine learning. These technologies handle ticket classification, improving accuracy. Accurate classifications, in turn, can be used by AI to route problems consistently for fast resolution. Finally, Ivanti software uses AI to see where and how incidents are clustering, exposing root causes and enabling the help desk to craft a systematic response.

The bottom line

IT leaders can start breaking the repetitive, exhausting help desk logjam. They can tactically exploit AI and machine learning in small projects that relieve the workload, improve end user satisfaction and build trust in AI’s capabilities. High-quality data is essential for effective AI.

How to Identify Your Organisation’s Attack Surface

Thu, 05 Oct 2023 14:59:23 Z

Our glossary page on attack surfaces defined the terms associated with the concept. This post provides information that'll help your organization identify its attack surface.

Much like your lawn after a good rain, your attack surface will grow rapidly if left unchecked. Along with increases in attack surface size comes an increase in cybersecurity risk. That risk can’t be eliminated as attack surfaces are always evolving, but it must be carefully managed.

How do I identify my organisation’s attack surface?

Managing that risk begins with identifying your organization’s attack surface. More specifically, you must identify what lurks below the surface — the endpoints, vulnerabilities and other attack vectors that expose your environment.

To quote CIS Critical Security Controls (CIS Controls) v8: “Enterprises cannot defend what they do not know they have.” But how does one figure out what they have? If you or anyone from your team has ever wondered the same, you’ve come to the right place.

By the end of this post, you’ll discover the answers to these questions and better understand how to identify your organization’s attack surface using modern best practices:

How do I identify my organization’s digital attack surface?
What is attack surface management (ASM)?
What is cyber asset attack surface management (CAASM)?
What is external attack surface management (EASM)?
What are digital risk protection services (DRPS)?
What’s the difference between CAASM, EASM and DRPS?
Are there any options beyond ASM offerings for identifying digital attack surfaces?
How do I identify my organization’s physical attack surface?
How do I identify my organization’s human attack surface?

How do I identify my organisation’s digital attack surface?

Identifying your digital attack surface can be difficult with traditional tools and practices, especially as that surface seems to expand exponentially every year. Fortunately, technology and service providers are mobilizing to meet this moment with attack surface management (ASM) offerings.

Attack surface management (ASM)

Gaining visibility into the IT assets deployed across your organization — plus their exposure and associated risk — is essential to achieving a strong cybersecurity posture. Leading security frameworks corroborate this stance. For instance, the first Function of the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) Version 1.1 is Identify, and NIST states, “The activities in the Identify Function are foundational for effective use of the Framework.” Similarly, CIS Controls v8 contains the following Controls:

Control 1: Inventory and Control of Enterprise Assets
Control 2: Inventory and Control of Software Assets
Control 7: Continuous Vulnerability Management

Such visibility is also the key to defining your digital attack surface. Unfortunately, organizations have long struggled to attain high levels of visibility.

Research from Randori and Enterprise Strategy Group (ESG) reveals that, on average, organizations have 30% more exposed assets than traditional asset management programs indicate. That figure stands to grow if companies fail to act as Gartner predicts 75% of employees will acquire, modify or create technology outside IT’s visibility by 2027.

Companies need to close the gap between the number of assets exposed to attackers and the number they know about. They must eliminate those blind spots and unmanaged technology from their environments. ASM does just that. According to Gartner, ASM aims to answer the question: “What does my organization look like from an attacker’s point of view, and how should it find and prioritize the issues attackers will see first?”

What is attack surface management (ASM)?

By taking an attacker’s perspective, ASM enables security teams to gain visibility into assets over which IT lacks governance and control, such as shadow IT, third-party systems and line-of-business applications.

It works by combining people, processes, technologies and services to continuously discover, inventory and manage an organization’s internal and external assets. By doing so, ASM ensures any newly identified exposures are addressed before they can be exploited by malicious actors.

ASM is comprised of three areas: cyber asset attack surface management (CAASM), external asset surface management (EASM) and digital risk protection services (DRPS). Each area focuses on a specific use case: CAASM for assets and vulnerabilities, EASM for external assets and DRPS for digital assets.

When combined, their capabilities can greatly help the 47% of security professionals surveyed for Ivanti’s Government Cybersecurity Status Report that lack visibility into all the users, devices, applications and services residing on their networks.

What is cyber asset attack surface management (CAASM)?

CAASM provides a complete, current and consolidated view of an organization’s internal and external assets, such as endpoints, servers, devices and applications. CAASM products enable this visibility by collecting data from existing internal sources such as asset discovery, IT asset management, endpoint security, vulnerability management and patch management tools as well as ticketing systems via API integrations.

Collected data is automatically aggregated, normalized and deduplicated, then presented in a single user interface, eliminating the need for IT and security teams to manually gather and reconcile asset data. CAASM products also let those teams query against collected data, identify security vulnerabilities, spot gaps in security controls and remediate issues.

Gartner states less than 1% of companies had CAASM functionality implemented in 2022 but anticipates 20% will by 2026. Adoption is thought to be slow as CAASM relies on existing technologies but doesn't replace any of them. It can also likely be attributed to the fact that there are currently limited vendors in the CAASM space

What is external attack surface management (EASM)?

As its full name implies, EASM focuses on an organization’s external attack surface by employing processes, technology and managed services to discover internet-facing assets and systems plus related vulnerabilities.

Examples of external assets and systems EASM discovers include web applications, Internet Protocols (IPs), domain names, Secure Sockets Layer (SSL) certificates and cloud services. Additionally, examples of vulnerabilities discovered by EASM include — but aren't limited to — exposed servers, credentials, public cloud service misconfigurations, deep web and dark web disclosures and vulnerabilities in third-party partner software code.

In addition to asset discovery, EASM products commonly offer other capabilities, including:

Active external scanning of cloud, IT, IoT and OT environments.
Analysis of assets to determine if they are risky, vulnerable or behaving in an anomalous manner.
Prioritization of assets based on business impact, likelihood of exploitation by a malicious actor and other factors.
Remediation workflow and third-party integrations with ticketing systems, security orchestration, automation and response (SOAR) solutions and other tools.

The main benefits of EASM are its ability to provide visibility of unknown digital assets and an outside-in view of an organization’s external attack surface. These benefits have helped 31% of companies with an EASM solution to find unknowingly exposed sensitive data, 30% to discover unknown or third-party hosted web assets, and 29% to discover unknown misconfigurations and vulnerable systems.

EASM’s benefits have also driven 34% of organizations to deploy a dedicated EASM offering. Like CAASM products, EASM products don't replace any existing technologies — meaning they require net-new spending — and there aren't currently very many of them on the market. However, unlike CAASM, EASM products aren't dependent on any existing technologies to operate, making them easier to adopt.

What are digital risk protection services (DRPS)?

DRPS blends technology and services to protect digital assets and data from external threats. It does so by extending detection and monitoring outside the enterprise perimeter — to the open web, deep web, dark web, social media and app marketplaces — to search for threats to enterprise digital resources, including IP addresses, domains and brand-related assets.

As organizations engage in more and more online activities, it's critical for security teams to adopt DRPS capabilities and look beyond threats within the enterprise network.

According to Gartner, DRPS products don't simply identify threats, but provide actionable intelligence on threat actors as well as the tools, tactics and processes they exploit to carry out malicious activities. Additionally, DRPS also enables security teams to mitigate active threats using a combination of people, process and technology;and carry out activities required to foil future threats and protect digital assets.

In its 2022 Hype Cycle for Security Operations, Gartner indicated DRPS is two to five years away from reaching the last key phase of a technology’s life cycle. That phase — deemed the Plateau of Productivity — is defined as follows:

Mainstream adoption starts to take off. Criteria for assessing provider viability are more clearly defined. The technology's broad market applicability and relevance are clearly paying off.

Delayed adoption of DRPS plus other ASM solutions like CAASM and EASM can likely be attributed to market confusion on the distinction between such solutions. We'll erase some of that confusion in the next section.

What’s the difference between CAASM, EASM and DRPS?

CAASM, EASM and DRPS are all components of ASM. Additionally, they all focus on security asset management and issue prioritization. These similarities have caused confusion in the market between these different solutions.

The following table highlights the differences between CAASM, EASM and DRPS to help you distinguish between the different solutions:

Feature / Capability	CAASM	EASM	DRPS
Focus area	Assets and vulnerabilties	External assets	Digital risk
Applicable assets	Endpoints Servers Devices Applications	Web applications IPs Domain names SSL certificates Cloud services	IP addresses Domains Brand-related assets
Composition	Technology	Technology Services Processes	Technology Services
Capabilities	Collect, aggregate, normalize, deduplicate and present data Query against collected data Identify security vulnerabilities Spot gaps in security controls Remediate issues	Discover assets Employ active external scanning of cloud, IT, IoT and OT environments Analyze assets Prioritize assets Leverage remediation workflow Integrate with third-party ticketing systems, SOAR solutions and other tools	Detect and monitor for threats outside the enterprise perimeter Gain actionable intelligence on threat actors Mitigate active threats Carry out activities required to foil future threats and protect digital assets
Data sources	Passive data collection via API integrations with existing internal tools: Asset discovery ITAM Endpoint security Vulnerability management Patch management Ticketing systems CAASM tools commonly also collect data from DRPS and EASM tools.	Active Internet-wide scans performed by EASM Passive DNS WHOIS	Monitoring of: Open web Deep web Dark web Social media App marketplaces
Sample vendors	Axonius Balbix JupiterOne Lansweeper Lucidum Noetic Cyber OctoXLabs Panaseer Qualys Resmo runZero Scrut Automation Sevco ThreatAware	C2SEC Censys Cyberpion CyCognito FireCompass Palo Alto Networks (Cortex Xpanse) Pentera Randori Reposify RiskIQ (a Microsoft company)	BlueVoyant CloudSEK Digital Shadows Group-IB GroupSense HelpSystems (PhishLabs) IntSights (a Rapid7 company) SafeGuard Cyber ZeroFox

In the future, the distinctions between these solutions may not matter much. Gartner predicts 70% of all CAASM, EASM and DRPS functionality will be part of broader, preexisting security platforms by 2026 and not provided by standalone vendors as it is today.

Are there any options beyond ASM offerings for identifying digital attack surfaces?

Organizations have had a need to identify and manage their digital attack surfaces since before ASM solutions have been available. Instead of ASM solutions, many organizations have leveraged — and continue to leverage — other approaches to do so:

Approach used in place of ASM solution	Description	Pro	Con
Asset discovery tools	Find and inventory hardware and software assets connecting to your network.	Already deployed at most organizations. Better than spreadsheets.	Often has blind spots such as shadow IT, third-party systems and line-of-business applications.
Breach and attack simulation (BAS)	Automatically test threat vectors to gain a deeper understanding of security posture vulnerabilities and validate security controls.	Generates reports on security gaps and prioritizes remediation based on risk.	Only focuses on known attacks. Doesn't provide remediation.
Cloud security posture management (CSPM)	Understand changes in cloud configurations.	Ability to understand cloud configuration changes.	Doesn't reveal when configurations drift out of compliance or potential impact of emerging threats.
Configuration management database (CMDB)	Track changes made to systems.	Already deployed at most organizations. Know when configuration changes are made.	Doesn't reveal when configurations drift out of compliance or potential impact of emerging threats.
Homegrown approach	Combine spreadsheets, scripts and manual processes to manage attack surface.	Inexpensive or free from a pure cost perspective (overlooking analyst hours).	Time-consuming and error-prone. Not scalable or real-time.
IT asset management (ITAM)	Track and monitor assets through their full lifecycle.	Already deployed at most organizations. Better than spreadsheets.	Only covers known and managed assets while overlooking unknown or unmanaged facets of attack surface.
Penetration testing (e.g., automated penetration testing tools and penetration testing as a service)	Identify vulnerabilities within your network and applications by simulating a cyberattack.	Provides examples of security posture and associated budget priorities.	Only focuses on the first phase of the cyber kill chain: reconnaissance. Also, results are typically point-in-time and only as good as the penetration testers carrying out the simulation.
Red teaming	Provides a comprehensive picture of an organization’s cybersecurity posture by staging a cyberattack simulation against networks, applications, physical safeguards and employees.	Goes beyond penetration testing by focusing on other phases of the cyber kill chain. Also goes beyond digital attack surface and touches on physical and human attack surfaces.	Results are typically point-in-time and only as good as the penetration testers carrying out the simulation.
Threat intelligence	Access information on threats and other cybersecurity issues.	Arms security experts with intelligence on threats and vulnerabilities.	Geared toward organizations with highly mature security operations consisting of skilled personnel and extensive resources.
Vulnerability management tools (e.g., scanners)	Identify and manage vulnerabilities within your infrastructure and applications.	Already deployed at most organizations.	No visibility into unknown assets. Overwhelming amounts of data.

While these technologies, services and other approaches don't offer all the capabilities and benefits that purpose-built CAASM, EASM and DRPS solutions deliver, most still have their place in an organization’s IT and security practices. In fact, CAASM tools can't function without data from asset discovery, ITAM, vulnerability management and/or patch management tools.

Similarly, according to Gartner, EASM complements a few of the technologies and services listed above. These include threat intelligence and various types of security testing, including breach and attack simulation, penetration testing as a service and automated penetration testing and red teaming tools.

How do I identify my organization’s physical attack surface?

The first major component of an organization’s physical attack surface is what may be referred to as its endpoint attack surface as it’s composed primarily of all the endpoints that connect to the organization’s network: desktop computers, laptops, mobile devices and IoT devices.

Fortunately, this component of the digital attack surface can be identified via any CAASM tool used to identify the same elements of the digital attack surface, eliminating the need to purchase another new technology. Asset discovery and ITAM tools are other, if less capable, options.

The second major component of an organization's physical attack surface is its offices, data centers and other facilities. Again, fortunately, techniques already used in the identification of the digital attack surface overlap with those that can be used to identify the physical attack surface. In this case, that'd be the physical penetration testing component of red teaming.

How do I identify my organization’s human attack surface?

Identifying your human attack surface begins by looking at your organizational chart. Anyone associated with your organization that possesses the ability to access your organization’s sensitive information — or to prevent others from accessing that information — can contribute to your human attack surface.

That includes not just full-time employees but part-time employees, board members, contractors, partners, vendors, suppliers, temps and others as well.

On top of that, it includes both the people currently in those roles and anyone that's held those roles in the past. Press Reset: A 2023 Cybersecurity Status Report shows nearly half of security professionals believe or know the login credentials for some former employees and contractors are still active, allowing those individuals access to company systems and data.

The tricky part is that it’s not humans themselves but their actions — or inactions — that make up a human attack surface. Those actions and inactions are hard to spot as they often happen in the moment and out of sight of others, especially with more and more people working remotely.

Red teaming, a practice used to identify elements of both the digital and physical attack surfaces, can also be used to identify a major component of the human attack surface: employee susceptibility to social engineering. Red teamers accomplish this by attempting to manipulate employees into offering up sensitive information such as access credentials via phishing, smishing, vishing and other tactics.

Improper assignment of user privileges is another major contributor to human attack surfaces. Reviewing the systems and data the people that contribute to your human attack surface have access to, plus the levels of access they possess, is another way to identify parts of that surface.

Identifying most other elements of human attack surfaces requires employees to be vigilant for issues and to hold others accountable. For example, say one employee sees that another has written their password on a post-it note and stuck it to their monitor or that an HVAC vendor propped the back door to an office building open.

That employee should politely inform the others they are in violation of security best practices — and likely company policy as well — and ask them to correct their actions. When necessary, they should also involve the organization’s security team.

You’ve identified your organization’s attack surface … now what?

With the information in this post, you should be well on your way to identifying your organization’s digital, physical and human attack surfaces. Once you achieve that visibility, it’s time to take the next step: minimizing your attack surface.

Read The 8 Best Practices for Reducing Your Organization’s Attack Surface to uncover the technologies and tactics your organization can employ to shrink its attack surface.

ITAM vs. ITSM vs. ITOM: What's the difference?

Thu, 31 Aug 2023 17:42:40 Z

IT asset management (ITAM) and IT service management (ITSM) are critical for any organization that requires IT capabilities to support business objectives. Both technologies provide IT operational support to an organization, but the nature and objectives of these technologies are quite different.

Further, these processes are different than ITOM, or IT operations management, which encompasses managing the operations of an IT infrastructure and involves the monitoring, troubleshooting and maintenance of IT systems, applications and services.

Here, we will explore the differences and similarities between ITAM and ITSM.

ITAM – IT asset management

An “IT asset” refers to both hardware and software that an organization uses to support its business objectives. When organizations have accurate IT asset inventory reports, they’re able to make informed IT purchase decisions. However, IT assets are often updated, moved and refreshed, making it difficult to maintain up-to-date asset information.

When IT asset reports are inaccurate, they expose the organization to unnecessary IT purchases, software audits and security breaches. ITAM provides recommendations and best practices for managing IT assets that support the organization’s objectives. So a short definition would be:

IT asset management involves accounting for, deploying, maintaining, upgrading and disposing of an organization's IT assets as needed. In essence, it's ensuring that all these assets, whether tangible or intangible, are being properly tracked and utilized within the organization.

IT asset management (ITAM) best practices suggest that an IT asset be linked to its associated contractual and financial information so that organizations can track the overall costs associated with their IT assets.

Furthermore, ITAM provides guidance to IT asset managers on creating standards, processes, policies and measurements to increase control. This ensures compliance with business objectives and reduces risk, along with containing or reducing costs.

When ITAM practices are implemented, IT assets will be tracked from purchase to disposal; often called IT asset lifecycle management. For example, an ITAM hardware disposal process will ensure that when old laptops are disposed of during a refresh, the associated software licenses are properly harvested so they can be redeployed.

According to Gartner, IT asset management (ITAM) provides an accurate account of technology asset lifecycle costs and risks to maximize the business value of technology strategy, architecture, funding, contractual and sourcing decisions.

Other aspects of ITAM

To ensure efficient IT asset lifecycle management, ITAM business practices include processes for IT asset requests, approvals, procurement, disposal and redeployment. These processes ensure that IT assets are documented when purchased and properly tracked as they’re deployed and redeployed.

In looking at ITAM vs. ITSM, it’s important to remember that most IT service management (ITSM) solutions provide capabilities that support IT requests and approvals. So it’s important that ITAM solutions selected by an organization integrate with the organization’s ITSM solution.

It's also important to note that most comprehensive ITAM solutions offered by software vendors provide processes that span multiple departments of an organization. This means that most IT asset management solutions are selected and owned by business executives, not IT managers.

ITSM – IT service management

Organizations that require IT assets to support business objectives also require IT services to ensure assets are properly working in the role for which they were purchased. IT service management (ITSM) is not just about software tools; it’s also about processes, people and technology. ITSM software is a component of the overall ITSM solution, one we can define as:

IT service management is a strategic approach for designing, delivering, managing and improving the way you use information technology (IT) within an organization. The goal of IT service management is to ensure that the right processes, people and technology are in place so that the organization can meet its business goals.

ITSM software solutions come with several components such as a database, business objects (users, groups, roles, etc.) and a process engine. Most ITSM solutions offered by vendors today follow industry best practices.

ITOM – IT operations management

ITOM differs from ITAM or ITSM in that it covers a wide range of activities, from managing the physical hardware to managing the software and applications that run on it. It also involves ensuring the security and availability of IT systems. The ultimate goals of ITOM are to optimize the performance and efficiency of IT systems and to ensure they meet the needs of the organization. ITOM also ensures that IT systems comply with industry standards and best practices.

Industry best practices

Another aspect of the ITAM vs. ITSM backstory is that as IT solutions became more widely adopted, a need grew for industry standards. These standards were necessary to define common terminology and establish best practices.

ITAM subscribes to the best practices of the International Association of Information Technology Asset Management (IAITAM), adding a layer of professional insight across its capabilities.

Originally, ITSM was aligned only with the IT Infrastructure Library (ITIL). However, it has since expanded to include other standards such as ISO2000, VeriSM and IT4IT.

In terms of compliance processes, ISO 20000 is more stringent and authoritative than ITIL. ITIL, on the other hand, is a set of recommended best practices that organizations can choose to implement to varying degrees, according to their needs and preferences.

VeriSM is a service management approach for the digital age that helps service providers create a flexible operating model to meet desired business outcomes.

The IT4IT Reference Architecture standard consists of the IT Value Chain and a three-layer reference architecture. The IT Value Chain comprises the four IT value streams, which play a vital role in helping IT control the service model as it advances through its lifecycle.

All these standards have overlaps across all aspects of best practices while looking at them from slightly different angles.

To help IT service employees stay up to date and educated, each of these industry best practices offers certification and training. These certifications emphasize practical skills and procedures rather than specific products.

These software solutions are typically designed to meet most, if not all, of these industry recommendations.

Organizations like Pink Elephant exist to evaluate ITSM software solutions and certify them against industry standards. If you plan to implement best practices, choosing certified ITSM tools is advisable.

CMDB or ITAM?

Another point to understand in looking at ITAM vs. ITSM? Comprehensive ITSM solutions offer configuration management capabilities along with a configuration management database (CMDB) to support and manage IT assets that provide services to the organization.

Both ITAM and ITSM provide guidance for managing IT assets, which can be confusing until you explore the objectives of each practice.

ITAM objectives focus on managing an IT asset’s overall cost, including ownership, associated contracts with asset lifecycle, warranty and refresh information. ITAM focuses on IT assets from an organization’s financial perspective.
An ITSM’s configuration management objectives look at IT assets from an operational and support perspective. Asset availability and stability impact an organization’s day-to-day operations, so assets need to be documented along with their configuration and service offerings.

Can you use a CMDB for ITAM?

To answer this question, let’s take a look at how airlines manage their flights. Airlines manage their flights using a database with flight numbers that describe a service. A separate asset database maintains inventory information listing the physical aircraft, along with relevant maintenance information.

When a problem is found with an aircraft, the airline will sometimes swap the aircraft for another. Because they maintain services and equipment in different databases, the airline can switch out the aircraft without having to change the flight number.

Much as it wouldn’t be practical for this airline to manage its flight services in the same database they use to manage its aircraft inventory, it’s not practical to use a CMDB for both ITAM and Configuration Management.

Most IT assets are refreshed every 3–4 years, while IT configurations with supporting assets are maintained and updated, not replaced. Therefore, you should use a CMDB to maintain and manage the lifecycle of a service while pulling the supporting assets from an IT asset management database.

Summary: ITAM vs. ITSM is really ITAM + ITSM

ITAM and ITSM are both critical for any organization that uses IT assets to support business objectives. In considering ITAM vs. ITSM, it’s really not a matter of choosing between the two but combining as a perfect pairing. Both have an essential role and work more powerfully as a team.

When looking to build, expand or change your IT asset management solution or your IT service management solution, you need to be sure to explore integration capabilities for both solutions.

With the right tools in place, you can automate and improve IT processes that support IT assets. These improvements increase efficiency and control while reducing the inevitable costs and mistakes that occur from manual tasks being performed by an operator or analyst.

Get IT Right by Focusing on Service Strategy

Thu, 24 Aug 2023 16:06:25 Z

Too often, we in IT get so busy performing the day-to-day work and fighting the many fires that come at us each day that we neglect to take a moment and focus on ways we can be strategic about how we do our jobs.

When building or expanding IT Service Management offerings, it’s important to understand how taking time to focus on service strategy can greatly improve the efficiency of service delivery.

First, let’s begin by defining a few terms.

What is ITSM (IT Service Management)?

IT Service Management is a strategic approach for designing, delivering, managing and improving the way information technology (IT) is used within an organization. The goal of IT Service Management is to ensure that the right processes, people and technology are in place, so that the organization can meet its business goals.

What is IT Infrastructure Library (ITIL)?

IT Infrastructure Library (ITIL) refers to a group of documents created in the 1980s that provide a framework and best practices for building an IT Service Management (ITSM) solution. By following the recommended ITIL processes, organizations supporting an IT infrastructure can increase efficiency, while reducing service management costs.

What is a service strategy process?

ITIL defines five major areas to service strategy that can accelerate organizational success:

Strategy management for IT services: assessment and measurement of IT strategy
Service portfolio management: defining and documenting IT services.
Financial management for IT services: determining IT service costs and budgeting.
Demand management: forecasting future demand for IT services and budgeting resources.
Business relationship management: managing the feedback and improvement of the IT services.

To properly manage your environment, you need to first design a plan, then determine the type of services you are delivering, validate all costs and budgets, forecast demand, learn how to gather feedback and perform continuous service improvements.

How to design a service portfolio strategy

Design the plan

Constructing a service portfolio can be one of the most challenging tasks for an IT organization. It is essential to resist the temptation of continuing outdated practices and strive for success.[EC4]

Try surveying your end user community to understand their challenges and ever-changing needs. You can narrow down the survey results to capabilities you have within your IT organization and put in place services to support these needs. Caution should be taken to ensure that you follow best practice guidelines for enabling services the drive consistency and end-user process improvements.

Determine the type of service(s) you are delivering

Deciding on the type of service you’re offering today and wish to deliver in the future is a critical piece that will help you understand and minimize how many actual services you are delivering.

Consolidate where you can maximize resource usage, improve application management, and simplify the end user’s process for selecting assistance with the desired services. Too many services will complicate the end user’s interactions with the IT support organization.

Ensure that you evaluate your current services regularly to determine if they are necessary and consider potential services you may want to add in the future. Additionally, take the time to properly set up your nomenclature to reduce the need for future changes.

Validate all costs and budgets

Evaluating the cost of services needs to include not only personnel, software, hardware, services, but also soft costs, such as the cost and/or reduction in time for the people consuming those services.

Understanding soft costs can make a significant difference in expressing the value of services you’re delivering.

Forecast resource demand

The ever-changing world of IT and the consumers of the services makes resource demand forecasting very challenging. However, by understanding what services you are delivering and the historical need for them, you can extrapolate what your demand could be.

Resource consumption adaptability and tasks automation can minimize the negative impact of any forecast changes.

Perform continuous service improvement

The only way to improve your capabilities within an organization is with continual service improvement (CSI). Put relevant analysis and reporting in place to better understand the services you are delivering, the SLAs behind them and how they preform from the perspective of end user satisfaction.

Metrics such as mean time to repair (MTTR), cost per ticket, reopen rate of incidents, call avoidance via self-service, and AI bots and volume by department or location are critically important to help establish improvement initiatives.

With accurate metrics, isolate and focus on areas that require improvement. Lastly, assign a cost to each improvement initiative and prioritize strategically based on cost versus value.

It’s been often stated that “if you fail to plan, you plan to fail.” Although some ITIL recommendations might not be practical for every organization, they are a great place to start when building an IT Service Management solution.

The ITIL service strategy processes focus on planning for an outcome and evaluating your performance against customer expectations. ITIL encourages periodic evaluation and amendments of processes to respond to the ever-changing environment, with the aim of being more effective in delivering service value to your organization.

How to Use Generative AI for Knowledge Management

Tue, 27 Jun 2023 14:30:00 Z

In the blog “How Generative AI Can Benefit Knowledge Management”, we looked at the benefits of AI to knowledge management to enhance the quality, automating the creation of content and enabling more engaging content. In enabling generative AI to become part of the knowledge management framework introduces concerns about accuracy, data bias, privacy and security.

Now, it’s time to look at how we can make it work well together...

How to use generative AI with knowledge management

Despite concerns of using generative AI in daily operations, this technology has the potential to be a powerful tool to optimise knowledge management. By carefully considering the potential drawbacks and taking steps to mitigate them, organisations can use generative AI to improve their knowledge management practices.

Here are the five things to consider when using generative AI for knowledge management:

Making sure to identify the type of data that will be used to train the generative AI model. Identification of the data type will help to ensure that the data used is accurate and reliable. Are you going to be using existing knowledge articles, incident data, problem data or combinations of all?
Having identified the data type, generative AI is only as good as the data it's trained on. The old saying ‘garbage in, garbage out’ still applies. Ensure that the data you've identified above is accurate, complete and up-to-date.
Monitoring the output of the generative AI model for signs of bias, misinformation, completeness and accuracy. This can help to ensure that the information generated by the model is reliable.
Developing policies and procedures to manage the risks associated with using generative AI for knowledge management. This is an important step in ensuring the success of your project. These policies and procedures should address issues such as data security, privacy and ethical considerations. They should be designed to ensure that using generative AI for knowledge management is conducted in a responsible and ethical way.
Putting an approval process in place before any knowledge information is shared publicly to ensure that the generated outputs are reviewed and authorised.

By taking these steps, organisations can use generative AI to improve their knowledge management practices while minimising the risks.

Combine generative AI and knowledge management with caution

The effectiveness and impact of generative AI on knowledge management will depend on how it's used and implemented. It's important to carefully evaluate the benefits and risks before deciding whether to incorporate it.

Here are some potential pros and cons:

Pros

1. Automatic generation of relevant content

Generative AI can be used to automatically create knowledge articles from existing data sources, such as product documentation, customer support tickets and employee training materials.

With 32% of IT professionals reporting an increase in helpdesk tickets since the move to remote working, there’s a significant opportunity for enhancement of the knowledge base that can enable quicker and more effective issue resolution, freeing up IT professionals to focus on more strategic tasks, such as developing new knowledge management initiatives and improving the quality of existing knowledge articles.

2. Improved search accuracy

Generative AI can help improve search accuracy by personalising the delivery of knowledge to employees, based on their individual needs and preferences. With an average employee spending 3.6 hours a day searching for information, any time savings in the way knowledge is delivered to them is a win.

Enabling easier and quicker access to information will ultimately enhance your employees’ digital experience.

3. Enhanced automation

Generative AI can assist in automating routine task – even if it's not directly related to the creation of knowledge management articles.

With 85% of IT professionals rating automation and AI investments as profitable ventures, identifying new ways of streamlining their processes can free up time for IT professionals to focus on more complex issues.

Cons

1. Risk of misinformation

Generative AI can potentially produce incorrect or misleading information, which can lead to serious consequences in the IT field. For example, the introduction of malware, or the incorrectly recommending turning off functionality which is used to secure the IT environment from malicious actors.

2. Dependence on AI-generated content

If companies become too reliant on AI-generated content, they may not prioritise the human-generated one or critical thinking skills, leading to a potential loss of expertise. Despite all the discussion around generative AI, human oversight is still required to validate accuracy and approve the generated information.

3. Ethical concerns

There are ethical concerns surrounding the use of generative AI, like potential bias in the data used to train the model, which can perpetuate existing inequalities.

There’s no doubt that generative AI can be a valuable tool for IT knowledge management and while a new exciting technology, there's still much to be learned about the benefits and pitfalls that it may bring.

Each organisation needs to review the potential impact individually and choose an appropriate AI solution that meets their own need for privacy, accuracy and security.

Tips for implementing generative AI for knowledge management

Start small and scale up

It's better to start with a small pilot project and then scale up using generative AI as you gain experience.

Get buy-in from stakeholders

It's important to get buy-in from stakeholders before deploying generative AI in production. This will help ensure that the model is used effectively and that its outputs are trusted.

Monitor the model's performance

It's important to monitor the model's performance after it's been deployed in production. This will help identify any potential problems with the model and improve the model's accuracy.

Continuously improve the model

Generative AI models are constantly being improved. It's important to continuously enhance the model by retraining it on new data and addressing any potential problems that may occur.

Learn more about this topic – watch our webinar on Generative AI for InfoSec & Hackers: What Security Teams Need to Know.

How IT Device Discovery Can Identify Your Network's Assets and Vulnerabilities

Thu, 22 Jun 2023 20:09:10 Z

The security of your organisation’s network is paramount to its success. With the ever-changing landscape of cyber threats, it's important to take the necessary steps to ensure that your network is secure and compliant with industry regulations.

Ensuring compliance requires you to know what’s on your network. But how can that be done when only 48% of leaders and security professionals say they run their asset discovery program at least once per week? One of the most effective tools for identifying assets and vulnerabilities on a network is IT asset discovery.

What is IT discovery and why is it important for IT security?

IT discovery is the process of identifying and cataloging the various hardware, software and other components that make up an IT infrastructure. This is an essential process to ensure the smooth functioning of IT networks as it allows IT administrators to identify potential issues and plan for future growth.

Once this identification and cataloging of IT inventory is completed, you can maintain a comprehensive inventory of all your assets. Keeping track of all the components making up your network in one place means IT administrators can quickly identify any problems and take the necessary steps to fix them.

And since, on average, up to 30% of an organisation’s IT assets are ghost assets, missing or unaccounted for, it is even more important to have accurate, up to date information about your device landscape.

To quickly detect changes in the network and respond to potential threats, it’s worth automating the discovery process — ultimately, it'll ensure a secure and compliant network.

How does IT discovery work?

IT discovery typically uses manual scanning or automated scanning tools. Manual scans involve manually entering IP addresses into a scanner, while automated scans are done with specifically designed software programs. These programs will search through an organisation's environment, looking for:

Hardware components such as computers, servers, routers and switches.
Software components such as operating systems and applications.
Network connections such as LANs (Local Area Networks) or WANs (Wide Area Networks).

Additionally, as not every asset will be on the network, the ability to discover devices from other sources via connectors is just as critical in providing a comprehensive picture of your entire IT estate.

Benefits of IT discovery for IT security

Accurate device information is an essential component of any organisation’s IT network. Without it, organisations are unable to identify and track assets on their networks or ensure compliance with relevant regulations and standards.

By automating the process of discovering devices connected to your network, you can capitalise on the following benefits:

Provide real-time alerts regarding any changes in the device inventory. This kind of visibility can help your organisation quickly detect potential threats and respond accordingly. With accurate device information, identifying unknown assets and reducing attack surface by removing outdated or unauthorised hardware.
Ensure that a network is compliant with relevant security regulations and standards such as GDPR (General Data Protection Regulation), PCI DSS (Payment Card Industry Data Security Standard), HIPAA (Health Insurance Portability and Accountability Act) and CCPA (California Consumer Privacy Act).
Accurately monitor the performance of IT infrastructure and ensure that it always remains secure. With real-time visibility into all the devices connected to the network, your IT team can easily identify problems, even before they become critical issues, and respond quickly when issues arise. This helps reduce downtime for employees, which in turn leads to improved productivity and employee experience across the organisation.

Respond Quickly to Potential Threats

When responding to potential threats, it’s important for organisations to act quickly to minimise the impact of the attack. With extended visibility into your entire network, you can quickly locate any malicious actors or vulnerabilities that could lead to an attack.

This also allows for more accurate and timely monitoring of changes in your network's architecture, which are critical in identifying potential weaknesses before exploitation can occur.

Additionally, keeping track of who has access to what parts of your network makes monitoring user activities and maintaining up-to-date user profiles a breeze. With threat actors getting better at disguise, ensuring that only authorised personnel have access to the information they need helps reduce the risk of any unauthorised access or misuse.

And if a threat occurs, it’s much easier to determine where it originated from and take appropriate action against it.

Finally, providing valuable insights into how your organisation is responding to potential threats can help improve your security strategy. By measuring response time and tracking incidents over time, you can evaluate which strategies are working best and which ones to amend.

Hungry for more? Watch our webinar recording and explore 5 Best Practices From Real‑World RBVM Programs.

How Generative AI Can Benefit Your Knowledge Management

Tue, 20 Jun 2023 15:24:02 Z

There has been growing interest in the capabilities of generative AI since the release of tools like ChatGPT, Google Bard, Amazon Large Language Models and Microsoft Bing. With the hype comes concerns about privacy, PII, security and, even more importantly, accuracy. And rightly so.

Organizations are treading cautiously with their acceptance of generative AI tools, despite seeing them as a game changer. Many businesses are trying to find the sweet spot that enables them to capitalize on the benefits now, while identifying more strategic uses for generative AI for the future; all without compromising on security.

One area where immediate gains can be obtained within an organization is their knowledge management. This initiative has been challenging for many organizations, yet it’s one that can drive employee productivity and deliver significant benefits to support teams, who'd typically maintain knowledge manually.

How generative AI and knowledge management intersect

Generative AI refers to a type of artificial intelligence that can create new content, such as images, text or even music, based on existing data. It uses machine learning algorithms to analyze and learn from large datasets. From there, it generates new content based on that analysis.

Knowledge management, on the other hand, is the process of capturing, organizing and sharing knowledge within an organization. It involves collecting information from various sources, storing it in a centralized database and making it easily accessible to employees when they need it.

Many organizations manually maintain their knowledge management, opening the door for out of date or poorly written content. By automating many of the tasks involved in knowledge management, generative AI can help improve the efficiency and effectiveness of your knowledge management processes.

Some of the specific ways in which generative AI can optimize knowledge management include:

1. Automating the creation of knowledge articles

Generative AI can automatically create knowledge articles from existing data sources, such as product documentation, customer support tickets and employee training materials. This automation can free up IT professionals to focus on more strategic tasks, such as developing new knowledge management initiatives and improving the quality of existing knowledge articles.

2. Improving the quality of knowledge

Generative AI can improve the quality of knowledge by identifying and correcting errors, archiving old information, as well as by adding context and additional information to knowledge articles. This can help ensure that employees have access to accurate and up-to-date information.

3. Generate new ideas and insights

Generative AI can generate new ideas and insights by combining existing knowledge in new ways. For example, HR, facilities and IT all have articles that talk about onboarding and offboarding employees with an organization.

Generative AI may look at these and produce a merged knowledge article that discusses the end-to-end process of onboarding and offboarding across all three areas. This can save an employee from having to search across three different areas.

4. Solve problems more quickly

Generative AI can quickly solve problems by identifying patterns and trends in data. This can help organizations make better decisions and improve their overall performance.

For example, generative AI may look across IT incidents over a defined period of time and identify a common method of resolution for a group of common issues. Based on its findings, it can generate a knowledge article for service desk agents to resolve issues quicker, and for employees to resolve them themselves via self-service.

5. Create more engaging content

Generative AI can create more engaging content by personalizing it for each user, helping organizations improve their customer experience. Knowledge articles, particularly within HR knowledge, are personalized based on region or language. Being able to generate content unique to their persona will greatly enhance the use and experience to the employee.

What are the drawbacks to generative AI?

Generative AI solutions paired with knowledge management have the potential to revolutionize many industries and fields. However, it isn't without its drawbacks, including:

1. Security and privacy

Generative AI systems used for knowledge management may contain sensitive or confidential information. So, it's crucial to ensure that they are secure and protected against cyberthreats. Additionally, there may be concerns around privacy, particularly if the AI is generating content that includes personal or identifying information.

For example, generative AI can create realistic-looking malware and phishing attacks. These attacks can be used to steal personal information, financial data or other sensitive information.

2. Quality and accuracy

While generative AI models can produce impressive outputs, their quality and accuracy can vary widely depending on the input data and the complexity of the task. The old saying of "garbage in, garbage out" still applies. It can also be difficult to ensure that the AI has access to accurate and up-to-date information, which can affect the quality of what it generates.
For example, training data for ChatGPT is collected from the internet and updated regularly. However, the current version of ChatGPT is trained on data that was collected up to September 2021. This means that ChatGPT may not be able to answer questions about current events or topics that have been in the news since September 2021.

3. Data bias

Generative AI models can inadvertently reflect the biases and prejudices present in the data they're trained on, leading to biased or inaccurate results. This data bias is especially concerning in knowledge management applications, where accuracy is critical.
For example, if a model is trained on a dataset of text that's predominantly from the United States, the model may be less likely to generate text relevant to people from other countries.

Generative AI provides an organization with opportunities to enhance knowledge management through improved quality, engaging content and automation. But there are cautions along the way. Learn what you need to have in place to successfully use generative AI with knowledge management in your organisation.

How to Start a Knowledge Base: Simple Yet Surefire Approach

Tue, 13 Jun 2023 18:36:14 Z

Early in my career, I made the jump from defense contractor to customer support agent for an up-and-coming IT Service Management solution provider. Being new to the team and industry, I felt completely out of place. After the initial product training, I was pointed to a lab computer and told to start diagnosing a set of customer issues. I felt completely lost.

Over time, with significant amounts of studying and leaning on my peers, I figured things out and eventually became one of the go-to analysts. The challenge with this method was that this vast empirical knowledge was locked in each analyst’s brain. When we lost an employee, we also lost their extensive expertise. Eventually, a knowledge base initiative was started.

Why investing time and effort in a knowledge base setup is a good idea

While there are some obvious reasons to have a knowledge base, like:

Speeding up the resolution time of customer issues.
Maintaining employee productivity and satisfaction at work.
Increasing analyst time-to-effectiveness.
Delivering consistent solutions.

There are a few not-so-obvious reasons to maintain it, such as:

Eliminating tribal knowledge

This is knowledge that's held privately by individuals with the intention of increasing their value, yet makes the organisation vulnerable.

Improving the perception of your organisation and products

Providing responsive, accurate resolutions can eventually lead to product satisfaction and customer retention.

Reducing IT support costs

If the knowledge base is tailored properly and made available to self-service users, whether through a web portal or a virtual assistant (chat bot), then issues may be resolved, without even requiring a call to the service deck.

This is sometimes called Level 0 support. Also, with analysts closing issues faster, their productivity increases, often eliminating the need for added headcount.

Where to start with setting up a knowledge base

Most modern service management solutions include an integrated, yet unpopulated, knowledge base repository that's ready to receive your valued input.

Even though there are many great knowledge base vendors out there, they may not be able to integrate with your service management environment. Also, while not a knowledge base solution, SharePoint offers a knowledge template that can get you started.

In addition to standalone knowledge base solutions, you may wish to consider populating your knowledge databases with packaged knowledge. These knowledge packs, offered by various companies, focus on topics like Windows, Office 365, Adobe, macOS and others. These concentrated, ready-to-use knowledge packs are highly valuable, assisting young IT support organisations with helping customers and quickly resolving issues.

While many organisations can utilise pre-packaged knowledge, most organisations also support unique solutions that require specialised knowledge. For an established organisation, that's been providing support for quite some time, they'll already have valuable information in the form of past support tickets that can be quickly put into a knowledge base.

If the organisation is new or a new solution has recently been released, engineering teams will be heavily relied on for initial support knowledge.

Nearly all modern IT Service Management solutions will have the functionality to initiate new knowledge articles directly from resolved and closed incidents. For example, Ivanti Neurons for Service Management has an action link ‘button’ that seamlessly moves key incident data into a new knowledge base template.

It also includes workflows to vet, test and refine articles before publishing. The challenge is that ticket resolution data is often not written in a repeatable step-by-step, easy-to-understand format.

Motivating busy support teams to convert and document past incidents into decent articles and to store undocumented data in a searchable repository is the challenge.

How to motivate your teams

The organisation mentioned at the beginning of this blog had a wonderfully effective method of extracting information from analysts’ brains. It used the carrot and stick approach.

First, the stick. As part of everyone’s yearly goals, each support analyst was required to produce a set number of original knowledge articles per month. The target was typically 5–10 per month, which wasn't unreasonable based on our call volume. Not achieving the target number impacted one’s annual review. To ensure superior quality articles were being submitted, articles were first reviewed for duplication.

Next, articles were reviewed for accuracy by distributing them to other team members for technical review. Lastly, they received a final review before being made available to the targeted audience, whether it be analysts only or both analysts and customers.

Next, the carrot. Articles were tracked for usage and analysts were rewarded by the number of times an article was used to successfully resolve an issue. A decent IT service management solution with an integrated knowledge base should support this level of reporting.

Based on monthly usage, analysts whose articles were used the most during the month to resolve incidents received a substantial prize at the end of the year – some gifts were worth several thousand dollars.

Throughout the year, campaigns were created to motivate and remind the teams of the requirements and the rewards. The result was the creation of a sizeable, growing and highly valuable repository of product-specific articles in a brief period.

However you go about motivating your teams to create knowledge content, it'll take a concerted effort and constant reinforcement. The rewards for your efforts will be worth it.

If you’d like to experience all the benefits a modern service management provider can offer, watch the full demo.