Robotic Process Automation: Security EssentialsDeloitte's Ashish Sharma Details Cybersecurity Risks Associated with Automation
The concept of robotic process automation aims to use machine learning models to create "bots" that automate high-volume, repeatable tasks. But as organizations implement robotic process automation, they must take steps to ensure the integrity of their data security, says Ashish Sharma, a partner in Deloitte's risk advisory services practice.
"The first thing from a CISO's perspective is to assess how secure is the tool itself that you are using - the platform itself that you are bringing in for automation," Sharma says in an interview with Information Security Media Group.
"As a CISO, I should be very careful about what are the aspects of security these platforms offer, what is the level of audit trailing I can expect, and how does the platform look at aspects of access management," he says.
In this interview (see audio link below image), Sharma discusses:
- How to structure a governance mechanism for robotic process automation;
- Must-have controls for the "bots" that automate tasks;
- The risk assessment framework required to maintain secure, trusted robotic process automation.
Sharma is a partner with the risk advisory services practice at Deloitte. He has led and delivered cyber risk assignments in the areas of ERP program management, ERP solution advisory, internal financial controls, GRC implementation, software asset management and supply chain solutions implementation.