AIOps and alert fatigue: what IAM teams should watch

TL;DR: AIOps combines machine learning, anomaly detection, and closed-loop automation to reduce alert noise, speed root-cause analysis, and improve incident response in complex IT estates, according to Kong. The governance test is whether automation remains observable, bounded, and accountable when operations increasingly depend on AI-driven decisioning.

NHIMG editorial — based on content published by Kong: What is AIOps? Transforming IT Operations with AI

By the numbers:

• The average cost of IT downtime has reached $9,000 per minute.
• AIOps implementations report a 90% reduction in Mean Time to Detect.
• AIOps implementations report a 60% improvement in Mean Time to Resolution.

Questions worth separating out

Q: How should security teams govern AIOps tools that can take automated action?

A: Treat AIOps as delegated operational authority, not just analytics.

Q: Why do AIOps platforms struggle when alert quality is poor?

A: Because the model can only correlate what it receives.

Q: How can organisations tell whether AIOps is actually improving operations?

A: Look for fewer false positives, faster root-cause identification, and shorter resolution cycles, but validate those metrics against service ownership and audit trails.

Practitioner guidance

• Define automation boundaries for incident response Classify which AIOps actions may execute automatically, which require approval, and which must always remain human-led.
• Improve telemetry quality before expanding automation Normalize logs, metrics, traces, and event naming so correlation engines work on clean inputs.
• Separate recommendation from execution Keep diagnostic output, change execution, and rollback permissions in different control paths.

What's in the full article

Kong's full blog covers the operational detail this post intentionally leaves for the source:

• Step-by-step explanations of how AIOps ingests logs, metrics, traces, and events across a modern stack.
• The article's own breakdown of anomaly detection, pattern recognition, and predictive analytics in operational contexts.
• Practical examples of closed-loop automation, including automated remediation and dynamic resource management.
• The vendor's discussion of implementation challenges such as security, privacy, integration, and team adoption.

👉 Read Kong's guide to AIOps and automated IT operations →

AIOps and alert fatigue: what IAM teams should watch?

Explore further

View Full Forum →  |  NHI Foundation Course →