UK Construction Excellence September
- No tags were found...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Network systems have<br />
become so complex that<br />
a single malfunction or<br />
error could shut down a<br />
company’s system, exposing<br />
the business to cyber attack.<br />
Even more shocking was the<br />
fact that 60% of organisations<br />
admitted to tracking changes<br />
manually via Word documents,<br />
emails and spreadsheets.<br />
too are the risks and costs as IT security<br />
personnel find it increasingly difficult to<br />
adequately prioritise resources.<br />
Today’s corporate network<br />
infrastructures are highly likely to<br />
consist of multiple vendor firewalls with<br />
two thirds stating they have up to ten<br />
or more, adding further fuel to the IT<br />
security fire.<br />
Network systems have become so<br />
complex that a single malfunction or<br />
error could shut down a company’s<br />
system, exposing the business to cyber<br />
attack. Even more shocking was the<br />
fact that 60% of organisations admitted<br />
to tracking changes manually via Word<br />
documents, emails and spreadsheets.<br />
Where projects that involve<br />
collaboration are concerned, cloud<br />
applications are a useful way to manage<br />
such projects, but can throw up<br />
challenges, specifically regarding where<br />
the security accountability lies. In fact,<br />
more than one third of respondents<br />
stated responsibility for cloud security<br />
falls outside of security operations,<br />
which adds an extra layer of complexity<br />
to security management.<br />
This will require a change management<br />
process to adapt to a faster, more<br />
diverse environment.<br />
Reducing complexity<br />
To better manage the threat from<br />
cyber attackers, the objective has to<br />
be to close the complexity gap – or<br />
the discord between the growing<br />
number of threats, the technology in<br />
place to prevent them and the lack<br />
of cyber skills to keep pace – before<br />
any damage is irreversible. The key to<br />
improving security will be effectively<br />
managing the inherent complexity of<br />
the technologies and keeping pace with<br />
the environments in which they reside.<br />
Now there are fewer security resources<br />
to monitor and manage the increasing<br />
number of technologies used<br />
within organisations. To tackle this,<br />
management technology systems that<br />
utilise automation in a clever way have<br />
been identified as the ideal remedy.<br />
Security management is more important<br />
than ever to remediate the complexity<br />
gap and offers visibility, intelligence,<br />
integration and automation.<br />
Security management adds an<br />
additional layer of protection which<br />
can work in tandem with any firewall,<br />
regardless of vendor, to quickly and<br />
accurately assess risk and control<br />
policies in a centralised way.<br />
Using Automation<br />
A recent study conducted by Forrester<br />
Consulting found that “Managing and<br />
auditing firewall rules on a manual basis<br />
can expose an organisation to greater<br />
risk of a breach, not to mention the<br />
additional time and senior resources<br />
needed to add new rules and address<br />
change requests.”<br />
Organisations looking to reduce the<br />
likelihood of breaches and adapt their<br />
practices to meet networking demands<br />
in diverse collaborative environments<br />
need a global view of their policies that<br />
spans infrastructure types. Manual,<br />
device-by-device management is not<br />
sustainable. Automation will be critical<br />
to enabling dynamic management<br />
– from automating data intake to<br />
automating workflows to automating<br />
intelligence-based action.<br />
As networking evolves to meet the<br />
needs of an “on-demand” society,<br />
security will have to evolve too<br />
or risk becoming a bottleneck or,<br />
worse, ignored altogether. With better<br />
management of security technologies,<br />
organisations can start to realise<br />
the true potential of their security<br />
investments and greatly reduce risk<br />
from data breaches and cyber attacks<br />
that jeopardise large-scale construction<br />
or engineering projects.<br />
By Michael Callahan, a Vice President<br />
at FireMon<br />
39<br />
39