Bosses at the USA’s National Security Agency (NSA) haven’t had the best of summers. Regardless of where your loyalties lie on the matter, it’s clear that the Prism scandal-which erupted from the disclosure of classified data by former contractor Edward Snowden-left the agency well and truly spooked.
However, I was still surprised to read that, in an attempt to increase security across the organisation, and no doubt avoid a repeat of the Prism incident, the NSA has announced plans to replace 90% of its system admin staff with automation.
Keith Alexander, director of the NSA, made the announcement at a cyber security conference in New York, telling delegates: "What we’re in the process of doing-not fast enough-is reducing our system administrators by about 90%." Alexander went on to explain that technology could automate much of the work currently done by employees and contractors, making the NSA’s networks "more defensible and more secure," as well as speeding up the whole process.
The reason behind such a move is easy to understand. Providing fewer people access to sensitive data will increase the overall security of operations as it reduces the mathematical chances of another Snowden popping up. There’s no question that automation has numerous immediate benefits for most enterprises. But automating processes purely to reduce staff lacks long-term perspective. In fact, there is a real danger here that the NSA is oversimplifying the issue at hand, and in doing so perpetuating a recurring myth about automation. Smart automation isn’t about replacing human workers with machines. It’s about enabling people.
Automation Facts
Automating business and IT processes increases efficiency, drives growth and reduces costs. As with any organisation, the NSA undoubtedly has many processes which could be instantly improved with automation. However, from my experience I know that the value of process automation increases over time-and its success depends on how people use it. Some organisations are initially attracted to automation by the prospect of cost savings and efficiency alone, but that’s just the beginning. A far greater return on investment comes from using automaton to drive human innovation. This requires coordination between people the technology they use.
For instance, in the commercial world, automation of IT processes enables retailers to improve their stock replenishment processes. With it, companies can pool greater quantities of sales data and more effectively share it within a 24-hour window. That’s a great start. But even greater value materialises when process automation elevates IT teams from time-consuming, daily fire drills and manual process patches. It provides greater control and enables cooperation.
Automation provides IT and business stakeholders a way to connect once-disparate areas of the business and improve processes. Once again, this takes coordination between the process experts and the technology they use. One doesn’t replace the other. When it comes to handling the complicated tasks performed by administrators at the NSA, this could be a significant factor.
The Human Element
The next point I want to make addresses the topic of security. You only have to look at the most recent NSA revelations to see that security is a serious and ongoing issue at the agency. Last week, it was widely reported that analysts used official surveillance kit to spy on ex partners and love interests, while an insider at the agency told NBC News that the "NSA is stuck in 2003 technology".
So could automation help here? While it can do a fantastic job of removing manual processes, producing a culture of innovation, efficiency and cost savings, to think of automation purely in terms of security benefits also indicates a short-term view. Automation can increase the consistency of security processes by automatically notifying people in the event of any unusual activity, or by taking pre-determined actions if something goes wrong. However, complex security requirements ultimately depend on people. Even with updated technology — including automation — the NSA will always require watchful staff to manage its infrastructure. They just need the right people.
If security fears are indeed the driving force for change at the NSA, then, reducing the workforce by 90% fails to recognize one important aspect of the case – that the Prism scandal was created by the actions of a single person — not an entire department. It would take only one person to replicate it. It’s not a question of numbers of employees or even the NSA’s degree of automation. It’s a far more complex issue than that. It’s a human problem.
If the NSA were to empower its staff with automation, rather than replace them, it could divert its intellectual resources to updating and improving both human and IT processes across its entire operation. This could include enhancements to security and monitoring its personnel. Automation is the brawn of any enterprise. It enables smarter, better processes with people. Human beings should still provide the insight, leadership and brains behind the operation. The evidence suggests that for all its foresight and positioning, the NSA has failed to recognise the long-term value of automation as an enabler — not a replacement — for people.
