Trusted automation: Building autonomous IT with confidence

Building autonomous IT and security operations isn't a new idea. Doing it with confidence remains the real challenge.

In a recent CRA webcast, Tanium Chief Security Advisor Tim Morris and host Adrian Sanabria explored why enterprises have historically struggled to automate at scale, and what's now changed to make autonomous AI-driven IT operations finally achievable.

Morris framed the problem as one of visibility and trust. Automation has existed for decades in the forms of robotic process automation, scripting, and orchestration. But organizations layered those solutions on top of outdated processes, creating technical and operational debt.

"There's a saying I hear a lot," said Morris. "Today's solutions are yesterday's problems, and today's problems are trying to fix yesterday's solutions."

In other words, automating IT still feels risky instead of empowering. And without accurate, real-time data, autonomous IT may simply accelerate chaos instead of reducing it.

The turning point, according to Morris, is real-time asset intelligence. Static inventories, spreadsheets, and periodic scans don't build trust. Continuous, live insight into endpoints, configurations, and software states does. That's what lets automation move beyond task execution and into decision-making.

"You can't secure what you don't manage. You can't manage what you don't know," Morris said. "The shorter way of saying that is you just can't automate what you don't understand."

This shift toward decision-making automation supports what Morris calls "continuous compliance" and "pervasive governance."

Instead of sampling 5% to 10% of systems for audits, or waiting months to retest controls, autonomous IT can monitor configuration drift constantly and remediate issues immediately, all while keeping humans in the loop for context and authority. Security, IT operations, and GRC benefit when they base decisions on the same live data rather than from competing reports.

Confidence, however, doesn't come from flipping a switch. Morris advocates a crawl–walk–run (or NASCAR) approach to autonomy. Teams start with visibility, then move to tightly scoped automation with guardrails, validation steps, and known blast radiuses.

As success builds, autonomy expands. Crucially, rollback is treated as a first-class requirement. As Morris noted, automation without an undo button only reinforces fear.

"The beautiful thing about having an automated playbook," he said, "is part of that playbook is the rollback."

Another barrier to confidence is human psychology. Organizations tend to tolerate repeated human errors but may abandon automation after a single machine mistake.

Morris challenges that mindset, arguing that machines are easier to govern precisely because rules and guardrails are enforceable and consistent. Mature automation treats machine failures as feedback, not proof that autonomy doesn't work.

"We as humans are way more forgiving of human error than machine error," Morris said.

He and Sanabria discussed how silos between IT and security can slow progress. When teams argue over whose data is correct, automation stalls. Shared, real-time data becomes a forcing function for collaboration.

Once teams trust the same telemetry, they can automate processes end-to-end — patching, compliance testing, incident response — instead of running disconnected pilots that never scale.

Finally, Morris said that 2026 must be "the year of execution." Experimentation with autonomous IT systems is no longer enough. Successful organizations will tie automation initiatives to concrete business outcomes such as reduced risk, faster remediation, and improved uptime, not just to completed tasks.

Autonomous IT isn't the goal itself, he concluded. It's a tool to deliver resilience, efficiency, and confidence at enterprise scale.