State Auto Insurance Discusses the Application of Robotic Process Automation and Machine Learning

Greg Tacchetti - Central Ohio Tech Power Player Honoree

Greg Tacchetti

Chief Information and Strategy Officer

State Auto Insurance



Jason Skidmore




To listen to the podcast, click here!


Chief Information and Strategy Officer for State Auto Insurance, Greg Tacchetti, discusses the application of robotic process automation and machine learning. 


JS: We're here today with Greg Tacchetti, who is Chief Information and Strategy Officer at State Auto Insurance Companies. My name is Jason Skidmore. I'm the CEO of Vernovis, and I'll be your guest moderator today. Greg, thanks for joining me.


GT: Hi, Jason. Thanks for having me.


JS: Pleasure. So, I think I'm going to start with emerging and disruptive technologies – I’d like to get your thoughts on that. In your opinion, what is one of the more exciting disruptive technologies that's beginning to impact work and our lives?


GT: Well, at State Auto, we've been working with two things on that front. Um, you've probably heard of RPA, robotic process automation. We did a proof of concept about a year ago that we went through a couple of trials, uh, and now really have operationalized it and are blowing through the whole organization. We have 35 bots in, uh, production right now and about another 50 in development, with about a 10 times return. Uh, so that's been exciting for us to really be able to apply that tool set to, uh, automating a lot of legacy, back-office stuff and uh, we're most proud that it's not eliminated any jobs, it's just freeing up people's time up to do more value-added work as we're growing the business.

Uh, the second one that we've really just started our journey on is machine learning. You hear a lot about that these days. Um, we're excited about it because a lot of what we do has, uh, predicted outcomes that are hard to find in our business. There's a lot of complex data streams and the data scientists that we've been able to, uh, focus on these issues have really come up with some interesting use cases that, uh, so far have had success rates far in excess, uh, ROI wise than, than even RPA. So, we're really, as I say, just at the beginning of the journey with machine learning and uh, I really hold out a lot of hope that that's going to be a significant impact or force in the next year.


JS: That's great. And you mentioned that 10 times return with RPA and maybe even better with machine learning – do you expect that to even continue accelerating as you continue to get deeper into it?


GT: The pattern that followed with RPA, I think, is instructive. So you, you kinda, as you got up to speed and learned what processes were better to be automated than others, uh, you quickly then got in your inventory set, you know, after the bigger return items, the ongoing maintenance is de minimis. So, the return is going to keep going up on RPA. Uh, so, I think something similar to that will happen with machine learning as we get into this and find, uh, what, uh, processes are better to apply these predictive tool sets to. We will, uh, once we get our feet under us and really understand, I think we’ll go really accelerate into the bigger return items and then there'll probably be a leveling off and a normalization.


JS: Yeah, that's exciting. Thanks for sharing all of that. Let's move to something a little bit different. Cloud technology – obviously not quite as bleeding edge today as it was, but still one of the hottest movements that I think we're seeing overall. So, how has the cloud changed the way that you're managing your infrastructure?


GT: Uh, in two ways. We, um, three years ago when I started at State Auto, started on a major back-office modernization and uh, the breadth of that work pretty quickly determined that we weren't going to be able to handle the aggressive build schedule with the kind of legacy on-prem solutions that we had in place. So, we made the decision very early on to go to AWS for all of our new platform that we were building. Uh, along the way we made the decision to get out of the data center business, so we sold our data center and moved all of our legacy assets into a, uh, co-managed facility.

So, now we're positioned to aggressively grow the business without having to have a lot of CapEx and also, um, we wouldn't be where we are as a company right now if we had not made that move very early on. Uh, and then I started the second way. There's only so much time and energy you have to focus on problems, so, uh, we have, uh, moved to SaaS, uh, commercial-grade products where we can. So, last year we, uh, consumed a project to move our legacy homegrown HR system and finance systems to work day. Uh, so that's, you know, another version of cloud, if you will, but we're, it’s going to be a big part of our future going forward.


JS: I guess it’s been a little busy over there at State Auto, to say the least, right?


GT: Yes, sir.


JS: That's great. Um, finally, I wanted to broach the topic of security. You know, there's just so much going on and so much in the news these days about companies being hacked, critical data being stolen. Obviously, this is an area that everybody is tending to focus on a little bit more, organizationally. In your opinion, how worried should we really be?


GT: Um, so this is a topic that I talk to the board about every quarter. Actually, three years ago this week is my anniversary. And, uh, I had my first board retreat, uh, about three weeks after that, and I was walking around with two of the board members who I had just met and they said, “Well, I know you're new, you've only been here a few weeks, but the board has only been getting cyber updates annually, and we're not comfortable with that, so we'll let you decide. Do you want to do it semi-annually or quarterly?” And I said, “Well, why don't we just go with quarterly?” Uh, and that's been part of a real good partnership with the board. Uh, I usually joke, but not really that, uh, my first, second and third worries are our cyber. Uh, it is the one thing that keeps me up at night more than anything else.

Um, it's an area that, uh, you know, you can do a lot to mature very quickly, but, uh, you can never, in my mind, be safe. And that's usually the context of the conversation we have with the board. We picked up the NIST 800-53 framework and implemented that about two years ago. And we use that as a basis for conversation with the board on where we are maturing, and then I have, uh, one of the very few meetings that I have every week is on cyber and it's all around, uh, current state assessments that we do, external pen tests, you know, we try to be our own worst critics. But to answer your question, I don't think you can worry enough about it. It just, uh, we've done so much to turn the business around over the last three years, and as I talk to the board and it would just take one thing to really, you know, do a lot of damage to us, and that's something that we take very seriously and try to make sure that we're doing everything possible to protect ourselves.


JS: Yeah. So, there are still companies today that don't necessarily have a great security or governance program. What would you recommend to them in terms of where do they start with that?


GT: That's a, you know, it's a question that's near and dear to us, because that would have been us three years ago. So, we had an old framework in place and we did some research and we talked to a number of industry experts, and that's how we arrived at, uh, the, the NIST 800-53 framework. Uh, we engaged an outside partner who has done this to come in and do a third party assessment. And because of my natural paranoia in this field, I had someone to come and double check their work to make sure that, uh, as we built the road maps for how we were going to mature, that we were being as judicious as we could to make sure that we had our arms around, you know, what were going to be the most meaningful investments. Uh, and I'm, you know, I'm happy with where we are, but as I said earlier, you can never be paranoid enough, I don't believe here. And so, my, my advice to anybody starting this journey is to, uh, take it very seriously and you know, work with some people that have been down this path and try to, as you're putting this framework together, make sure that you're engaging your other constituencies in the company, whether it's your senior team or your board to bring them along on this journey. Because, uh, I know at the, uh, a public company with the National Association of Corporate Directors this, back in March or February, they brought in a bunch of government people that scared them pretty badly. So, I got a lot of phone calls and emails from the board after that and they were thankful that we had taught them so much over the kind of intervening two years, so.


JS: Right. Great.


GT: That's my advice.


JS: Okay. Well, Greg, thanks so much for sharing your thoughts and experience with all of us today. We appreciate it.


GT: Thank you, Jason. It's been a pleasure being with you. Thank you.


JS: Take care.


To learn more about sponsorship opportunities for 2019, contact Michelle Ziegler at